From de0c75694ad9c9523bbe0d6920935d11627bc7d9 Mon Sep 17 00:00:00 2001 From: kgv Date: Fri, 13 Nov 2020 19:59:24 +0300 Subject: [PATCH] 0031925: Foundation Classes, OSD_Host::InternetAddress() - possible NULL dereference on copying gethostbyname() result Changes on non-Windows platforms: - Deprecated gethostbyname() has been replaced by getifaddrs()+inet_ntop() handling IPv4+IPv6 addresses; - External IPs are now preferred comparing to dummy localhost 127.0.0.1. --- src/OSD/OSD_Host.cxx | 72 +++++++++++++------ .../STEPConstruct_AP203Context.cxx | 12 +++- 2 files changed, 60 insertions(+), 24 deletions(-) diff --git a/src/OSD/OSD_Host.cxx b/src/OSD/OSD_Host.cxx index 1547be3fbd..f3c7554e1f 100644 --- a/src/OSD/OSD_Host.cxx +++ b/src/OSD/OSD_Host.cxx @@ -21,10 +21,11 @@ #include #include -const OSD_WhoAmI Iam = OSD_WHost; - #include +#include +#include + #include // For 'uname' #include // This is for 'gethostbyname' #include @@ -89,7 +90,7 @@ char value[65]; int status; status = gethostname(value, 64); -if (status == -1) myError.SetValue(errno, Iam, "Host Name"); +if (status == -1) myError.SetValue(errno, OSD_WHost, "Host Name"); result = value; return(result); @@ -116,25 +117,52 @@ Standard_Integer OSD_Host::AvailableMemory(){ // ========================================================================= -TCollection_AsciiString OSD_Host::InternetAddress(){ - struct hostent internet_address; - int a,b,c,d; - char buffer[16]; - TCollection_AsciiString result,host; - - host = HostName(); - memcpy(&internet_address, - gethostbyname(host.ToCString()), - sizeof(struct hostent)); - - // Gets each bytes into integers - a = (unsigned char)internet_address.h_addr_list[0][0]; - b = (unsigned char)internet_address.h_addr_list[0][1]; - c = (unsigned char)internet_address.h_addr_list[0][2]; - d = (unsigned char)internet_address.h_addr_list[0][3]; - sprintf(buffer,"%d.%d.%d.%d",a,b,c,d); - result = buffer; - return(result); +TCollection_AsciiString OSD_Host::InternetAddress() +{ + TCollection_AsciiString aResult; + struct ifaddrs* anAddrFullInfo = NULL; + getifaddrs (&anAddrFullInfo); + for (struct ifaddrs* anAddrIter = anAddrFullInfo; anAddrIter != NULL; anAddrIter = anAddrIter->ifa_next) + { + if (!anAddrIter->ifa_addr) + { + continue; + } + + if (anAddrIter->ifa_addr->sa_family == AF_INET) + { + // IP4 Address + char aBuffer[INET_ADDRSTRLEN]; + void* aTmpAddrPtr = &((struct sockaddr_in* )anAddrIter->ifa_addr)->sin_addr; + inet_ntop (AF_INET, aTmpAddrPtr, aBuffer, sizeof(aBuffer)); + if (strcmp (aBuffer, "127.0.0.1") != 0) // skip localhost address + { + aResult = aBuffer; + break; + } + } + else if (anAddrIter->ifa_addr->sa_family == AF_INET6) + { + // IP6 Address + char aBuffer[INET6_ADDRSTRLEN]; + void* aTmpAddrPtr = &((struct sockaddr_in6 *)anAddrIter->ifa_addr)->sin6_addr; + inet_ntop (AF_INET6, aTmpAddrPtr, aBuffer, sizeof(aBuffer)); + if (strcmp (aBuffer, "::1") != 0) // skip localhost address + { + aResult = aBuffer; + break; + } + } + } + if (anAddrFullInfo != NULL) + { + freeifaddrs (anAddrFullInfo); + } + if (aResult.IsEmpty()) + { + return "127.0.0.1"; + } + return aResult; } // ========================================================================= diff --git a/src/STEPConstruct/STEPConstruct_AP203Context.cxx b/src/STEPConstruct/STEPConstruct_AP203Context.cxx index a5cae628cd..ad222a4b86 100644 --- a/src/STEPConstruct/STEPConstruct_AP203Context.cxx +++ b/src/STEPConstruct/STEPConstruct_AP203Context.cxx @@ -164,12 +164,20 @@ Handle(StepBasic_PersonAndOrganization) STEPConstruct_AP203Context::DefaultPerso OSD_Host aHost; TCollection_AsciiString anIP = aHost.InternetAddress(); // cut off last number - Standard_Integer aLastDotIndex = anIP.SearchFromEnd ("."); - if (aLastDotIndex >0) + const Standard_Integer aLastDotIndex = anIP.SearchFromEnd ("."); + if (aLastDotIndex > 0) { + // IPv4 anIP.Trunc (aLastDotIndex - 1); orgId->AssignCat (anIP.ToCString()); } + else + { + // IPv6 + const Standard_Integer aLastColonIndex = anIP.SearchFromEnd (":"); + anIP.Trunc (aLastColonIndex - 1); + orgId->AssignCat (anIP.ToCString()); + } // create organization Handle(StepBasic_Organization) aOrg = new StepBasic_Organization; -- 2.39.5