SpSocket listens on 0.0.0.0 instead of 127.0.0.1
By Stefan Schmiedl - Posted on July 14th, 2009
| Project: | GNU Smalltalk |
| Component: | Bindings: Sockets |
| Category: | bug |
| Priority: | critical |
| Assigned: | Unassigned |
| Status: | fixed |
Description
The misbehavior shown below has potentially severe security implications:
$ gst -i
"Global garbage collection... done"
GNU Smalltalk ready
st> PackageLoader fileInPackage: 'Sport'
Loading package Sockets
Loading package Sport
PackageLoader
st> s := SpSocket newTCPSocket
a SpSocket
st> s examine
An instance of SpSocket
  underlyingSocket: nil
  class: Sockets.StreamSocket
  socketAddress: nil
a SpSocket
st> a := SpIPAddress hostName: '127.0.0.1' port: 4080
a SpIPAddress
st> a examine
An instance of SpIPAddress
  hostAddress: ByteArray (127 0 0 1 )
  portNumber: 4080
a SpIPAddress
st> s bindSocketAddress: a
a SpSocket
st> s examine
An instance of SpSocket
  underlyingSocket: nil
  class: Sockets.StreamSocket
  socketAddress: a SpIPAddress
a SpSocket
st> s listenBackloggingUpTo: 1
a SpSocket
st> s examine
An instance of SpSocket
  underlyingSocket: Sockets.ServerSocket[0.0.0.0:4080]
  class: Sockets.StreamSocket
  socketAddress: a SpIPAddress
a SpSocket
$ uname -a
Linux g128 2.6.27-gentoo-r7-0709 #2 SMP Thu Jul 9 07:42:50 CEST 2009 x86_64 Intel(R) Core(TM)2 Duo CPU E8500 @ 3.16GHz GenuineIntel GNU/Linux
smalltalk from git head: commit d9418db1e3827cdf4f63b220421f775d13f29e0e
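Added example, not part of the original report or of GNU Smalltalk: a Python check for the symptom reported above, a listener that ends up on 0.0.0.0 although it was meant to be loopback-only. It parses text in the Linux `/proc/net/tcp` format; the sample rows, the function names and the little-endian host assumption are constructed for illustration.

```python
import ipaddress
import struct

# Constructed sample in /proc/net/tcp format (IPv4 only; addresses are hex
# in host byte order, shown here as printed on a little-endian machine).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0FF0 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20001 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20002 1 0000000000000000 100 0 0 10 0
   2: 0100007F:0FF0 0100007F:C350 01 00000000:00000000 00:00000000 00000000  1000        0 20003 1 0000000000000000 20 4 30 10 -1
"""

TCP_LISTEN = 0x0A  # kernel state code for a listening socket


def parse_listeners(text):
    """Return [(IPv4Address, port)] for every socket in LISTEN state."""
    listeners = []
    for line in text.splitlines()[1:]:  # skip the column header
        fields = line.split()
        if len(fields) < 4 or int(fields[3], 16) != TCP_LISTEN:
            continue
        hex_ip, hex_port = fields[1].split(":")
        # Assumption: little-endian host, so repack the integer to get network order.
        ip = ipaddress.IPv4Address(struct.pack("<I", int(hex_ip, 16)))
        listeners.append((ip, int(hex_port, 16)))
    return listeners


def exposed_listeners(text, loopback_only_ports):
    """Listeners on ports that must be loopback-only but are bound elsewhere."""
    return [(str(ip), port)
            for ip, port in parse_listeners(text)
            if port in loopback_only_ports and not ip.is_loopback]


if __name__ == "__main__":
    # Port 4080 is the one bound to 127.0.0.1 in the session above.
    for ip, port in exposed_listeners(SAMPLE_PROC_NET_TCP, {4080}):
        print(f"port {port} is listening on {ip}, expected loopback only")
```

On a live system, pass the contents of `/proc/net/tcp` instead of the sample; the established connection in row 2 is ignored because only LISTEN entries are compared.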
Updates
#1 submitted by Paolo Bonzini on Tue, 07/21/2009 - 11:08
| Attachment: | gst-bind-bug.patch (972 bytes) |
Can you test this?
#2 submitted by Paolo Bonzini on Tue, 07/21/2009 - 20:20
| Status: | active | » fixed |
Fixed.
