netstack/udp: connect with the AF_UNSPEC address family means disconnect

PiperOrigin-RevId: 256433283
author: Andrei Vagin <avagin@google.com> 2019-07-03 13:57:24 -0700
committer: gVisor bot <gvisor-bot@google.com> 2019-07-03 14:19:02 -0700
commit: 116cac053e2e4e167caa9707439065af7c7b82b3 (patch)
tree: 1cc098420d1f323f1e8d92dfba3ed4a4c7991cfe /pkg/sentry
parent: f10862696c8508ee69f25838e25caacabf55ef83 (diff)
3 files changed, 12 insertions, 9 deletions
diff --git a/pkg/sentry/socket/epsocket/epsocket.go b/pkg/sentry/socket/epsocket/epsocket.go
index b2b2d98a1..9d1bcfd41 100644
--- a/pkg/sentry/socket/epsocket/epsocket.go
+++ b/pkg/sentry/socket/epsocket/epsocket.go
@@ -285,14 +285,14 @@ func bytesToIPAddress(addr []byte) tcpip.Address {
 // GetAddress reads an sockaddr struct from the given address and converts it
 // to the FullAddress format. It supports AF_UNIX, AF_INET and AF_INET6
 // addresses.
-func GetAddress(sfamily int, addr []byte) (tcpip.FullAddress, *syserr.Error) {
+func GetAddress(sfamily int, addr []byte, strict bool) (tcpip.FullAddress, *syserr.Error) {
 	// Make sure we have at least 2 bytes for the address family.
 	if len(addr) < 2 {
 		return tcpip.FullAddress{}, syserr.ErrInvalidArgument
 	}
 
 	family := usermem.ByteOrder.Uint16(addr)
-	if family != uint16(sfamily) {
+	if family != uint16(sfamily) && (!strict && family != linux.AF_UNSPEC) {
 		return tcpip.FullAddress{}, syserr.ErrAddressFamilyNotSupported
 	}
 
@@ -317,7 +317,7 @@ func GetAddress(sfamily int, addr []byte) (tcpip.FullAddress, *syserr.Error) {
 	case linux.AF_INET:
 		var a linux.SockAddrInet
 		if len(addr) < sockAddrInetSize {
-			return tcpip.FullAddress{}, syserr.ErrBadAddress
+			return tcpip.FullAddress{}, syserr.ErrInvalidArgument
 		}
 		binary.Unmarshal(addr[:sockAddrInetSize], usermem.ByteOrder, &a)
 
@@ -330,7 +330,7 @@ func GetAddress(sfamily int, addr []byte) (tcpip.FullAddress, *syserr.Error) {
 	case linux.AF_INET6:
 		var a linux.SockAddrInet6
 		if len(addr) < sockAddrInet6Size {
-			return tcpip.FullAddress{}, syserr.ErrBadAddress
+			return tcpip.FullAddress{}, syserr.ErrInvalidArgument
 		}
 		binary.Unmarshal(addr[:sockAddrInet6Size], usermem.ByteOrder, &a)
 
@@ -343,6 +343,9 @@ func GetAddress(sfamily int, addr []byte) (tcpip.FullAddress, *syserr.Error) {
 		}
 		return out, nil
 
+	case linux.AF_UNSPEC:
+		return tcpip.FullAddress{}, nil
+
 	default:
 		return tcpip.FullAddress{}, syserr.ErrAddressFamilyNotSupported
 	}
@@ -465,7 +468,7 @@ func (s *SocketOperations) Readiness(mask waiter.EventMask) waiter.EventMask {
 // Connect implements the linux syscall connect(2) for sockets backed by
 // tpcip.Endpoint.
 func (s *SocketOperations) Connect(t *kernel.Task, sockaddr []byte, blocking bool) *syserr.Error {
-	addr, err := GetAddress(s.family, sockaddr)
+	addr, err := GetAddress(s.family, sockaddr, false /* strict */)
 	if err != nil {
 		return err
 	}
@@ -498,7 +501,7 @@ func (s *SocketOperations) Connect(t *kernel.Task, sockaddr []byte, blocking boo
 // Bind implements the linux syscall bind(2) for sockets backed by
 // tcpip.Endpoint.
 func (s *SocketOperations) Bind(t *kernel.Task, sockaddr []byte) *syserr.Error {
-	addr, err := GetAddress(s.family, sockaddr)
+	addr, err := GetAddress(s.family, sockaddr, true /* strict */)
 	if err != nil {
 		return err
 	}
@@ -1922,7 +1925,7 @@ func (s *SocketOperations) SendMsg(t *kernel.Task, src usermem.IOSequence, to []
 
 	var addr *tcpip.FullAddress
 	if len(to) > 0 {
-		addrBuf, err := GetAddress(s.family, to)
+		addrBuf, err := GetAddress(s.family, to, true /* strict */)
 		if err != nil {
 			return 0, err
 		}
diff --git a/pkg/sentry/socket/unix/unix.go b/pkg/sentry/socket/unix/unix.go
index b30871a90..637168714 100644
--- a/pkg/sentry/socket/unix/unix.go
+++ b/pkg/sentry/socket/unix/unix.go
@@ -110,7 +110,7 @@ func (s *SocketOperations) Endpoint() transport.Endpoint {
 
 // extractPath extracts and validates the address.
 func extractPath(sockaddr []byte) (string, *syserr.Error) {
-	addr, err := epsocket.GetAddress(linux.AF_UNIX, sockaddr)
+	addr, err := epsocket.GetAddress(linux.AF_UNIX, sockaddr, true /* strict */)
 	if err != nil {
 		return "", err
 	}
diff --git a/pkg/sentry/strace/socket.go b/pkg/sentry/strace/socket.go
index f9cf2eb21..386b40af7 100644
--- a/pkg/sentry/strace/socket.go
+++ b/pkg/sentry/strace/socket.go
@@ -332,7 +332,7 @@ func sockAddr(t *kernel.Task, addr usermem.Addr, length uint32) string {
 
 	switch family {
 	case linux.AF_INET, linux.AF_INET6, linux.AF_UNIX:
-		fa, err := epsocket.GetAddress(int(family), b)
+		fa, err := epsocket.GetAddress(int(family), b, true /* strict */)
 		if err != nil {
 			return fmt.Sprintf("%#x {Family: %s, error extracting address: %v}", addr, familyStr, err)
 		}
author	Andrei Vagin <avagin@google.com>	2019-07-03 13:57:24 -0700
committer	gVisor bot <gvisor-bot@google.com>	2019-07-03 14:19:02 -0700
commit	116cac053e2e4e167caa9707439065af7c7b82b3 (patch)
tree	1cc098420d1f323f1e8d92dfba3ed4a4c7991cfe /pkg/sentry
parent	f10862696c8508ee69f25838e25caacabf55ef83 (diff)