aboutsummaryrefslogtreecommitdiffstats
path: root/CommonLibs/Sockets.cpp
AgeCommit message (Collapse)AuthorFilesLines
2016-05-02common: Add mandatory length field to UDP receive callsTom Tsou1-13/+9
Current UDP receive reads up to MAX_UDP_LENGTH bytes into the passed in buffer, which may lead to buffer overflow if the write buffer is of insufficient size. Add mandatory length argument to UDP socket receive calls. Reported-by: Simone Margaritelli <simone@zimperium.com> Signed-off-by: Tom Tsou <tom.tsou@ettus.com>
2016-05-02common: Restrict UDP binding to localhost onlyTom Tsou1-1/+1
Reported security vulnerability where control and data UDP packets can be injected into the transceiver externally due to socket binding to all interfaces using INADDR_ANY. Existing socket interface does not allow specifying local address; only the local port and remote address/port are arguments. Restrict socket bind to localhost with INADDR_LOOPBACK. If external interfaces do need to be used, the API should be modified to allow specifying the local socket address. Reported-by: Simone Margaritelli <simone@zimperium.com> Signed-off-by: Tom Tsou <tom.tsou@ettus.com>
2013-05-31syncing commonlibs with Many thanks to Michael Iedema for these patches, ↵kurtis.heimerl1-0/+9
makes config a lot better. git-svn-id: http://wush.net/svn/range/software/public/openbts/trunk@5655 19bc5d8c-e614-43d4-8b26-e1612bc8e597
2012-12-17From b453f10d65dd1ff1df0dd3747adf63f4e1fd7d30 Mon Sep 17 00:00:00 2001kurtis.heimerl1-11/+34
From: Alexander Chemeris <Alexander.Chemeris@gmail.com> Date: Sun, 16 Dec 2012 17:44:10 +0400 Subject: [PATCH] Use gethostbyname2_r() instead of gethostbyname() if available. gethostbyname() is not thread-safe. It's recommended to use gethostbyname_r() or gethostbyname2_r() instead. --- CommonLibs/Sockets.cpp | 44 +++++++++++++++++++++++++++++++++----------- configure.ac | 4 ++++ 2 files changed, 37 insertions(+), 11 deletions(-) git-svn-id: http://wush.net/svn/range/software/public/openbts/trunk@4637 19bc5d8c-e614-43d4-8b26-e1612bc8e597
2012-11-23missed something in one of the socket patches. now works as expectedkurtis.heimerl1-0/+1
git-svn-id: http://wush.net/svn/range/software/public/openbts/trunk@4516 19bc5d8c-e614-43d4-8b26-e1612bc8e597
2012-11-23r4425 in private:kurtis.heimerl1-1/+2
Double check the FD set to be sure that the correct FD was really touched. git-svn-id: http://wush.net/svn/range/software/public/openbts/trunk@4513 19bc5d8c-e614-43d4-8b26-e1612bc8e597
2012-11-23r4408 in private:kurtis.heimerl1-1/+1
Add code from David to keep the transceiver running when OpenBTS crashes and check if it is running when starting up. git-svn-id: http://wush.net/svn/range/software/public/openbts/trunk@4512 19bc5d8c-e614-43d4-8b26-e1612bc8e597
2011-12-24Locking gethostbyname call, as Alexander notes that it is not thread safekurtis.heimerl1-3/+4
git-svn-id: http://wush.net/svn/range/software/public/openbts/trunk@2865 19bc5d8c-e614-43d4-8b26-e1612bc8e597
2011-10-07Putting the actual OpenBTS P2.8 source code into the public SVN branch.dburgess1-0/+302
git-svn-id: http://wush.net/svn/range/software/public/openbts/trunk@2242 19bc5d8c-e614-43d4-8b26-e1612bc8e597
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-10 16:58:20 +0000