From 4e31da499e47738cee4784b4d14f2164e84fe711 Mon Sep 17 00:00:00 2001
From: Pino Toscano <toscano.pino@tiscali.it>
Date: Mon, 21 Nov 2011 14:21:03 +0100
Subject: [PATCH] hurdsock: reject negative domains

Reject negative socket domains right away; otherwise, it is possible to read
and set out-of-bounds locations of the `servers' array (returning the values
at those invalid memory locations), and even try to deallocate ports with
random values if the `dead' parameter is different than zero.
---
 ChangeLog       |    5 +++++
 hurd/hurdsock.c |    6 ++++++
 2 files changed, 11 insertions(+), 0 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index d9866de..472cb7c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2011-11-21  Pino Toscano  <toscano.pino@tiscali.it>
+
+	* hurd/hurdsock.c (_hurd_socket_server): Check for negative domains,
+	and reject them.
+
 2011-11-17  Ulrich Drepper  <drepper@gmail.com>
 
 	* Makefile.in: Remove CVSOPT handling.
diff --git a/hurd/hurdsock.c b/hurd/hurdsock.c
index a01b8aa..f2817e3 100644
--- a/hurd/hurdsock.c
+++ b/hurd/hurdsock.c
@@ -47,6 +47,12 @@ _hurd_socket_server (int domain, int dead)
 {
   socket_t server;
 
+  if (domain < 0)
+    {
+      errno = EAFNOSUPPORT;
+      return MACH_PORT_NULL;
+    }
+
   HURD_CRITICAL_BEGIN;
   __mutex_lock (&lock);
 
-- 
1.7.7.1