- User Since
- Feb 22 2017, 9:40 AM (125 w, 1 d)
Jul 3 2017
A miracle has happened. All of https://github.com/yongboy/bindp/pull/6 was merged by upstream.
Very well. So finally they applied our patch.
Jun 16 2017
@Patrick In the master branch the only difference in comparison to the original version that I can see is the main function at the bottom of the file. Did you not apply the changes? This code is still the previous one.
Is there a way to use functions like clock_settime without reporting to the log?
Mar 16 2017
The clock_gettime and clock_settime functions are passing zero as their first parameter, and that means CLOCK_REALTIME. Firstly, the process needs root privilege to touch the real time clock; secondly, you need to somehow run it by strace like:
The C code itself doesn't have any CPU-intensive instruction. If the problem is really what is written as inline C, I suspect the issue is either with
Mar 10 2017
Do you see anything a malicious application could do to gain arbitrary code execution through bindp?
Mar 9 2017
@Patrick Do you have anything else remaining from this project that needs extra work?
Mar 8 2017
Well, the segfault error is strange here. I must run it locally with your setup to check and debug, which is not possible for now, but it's good you made it work finally. Good job Patrick. Still, I think PIE-related options are not needed for libraries.
I will modify the code by tonight and send the new revisions.
Mar 7 2017
@Patrick Nice, now regular testing needs to be done from your side. Please keep in mind that the connect function has to change as well, but before that I must make sure that the current bind() works properly and as expected. If everything goes well I will write the whole code from scratch for you by modifying the init and connect functions.
Mar 6 2017
What does DSO mean?
Can we have all hardening with PIE enabled as well as without the ld warning?
@Patrick You can compile without -fPIE (I think -fPIC is enough):
@Patrick The reason I inserted curly braces is that the first line after "case AF_INET:" is not syntactically a statement. To work around this you may use a dummy statement or use braces like I did. The break keyword can be inside that block; there is no difference.
Mar 5 2017
@marmarek If the problem is only with applications listening on both AF_INET and AF_UNIX, I think the solution should be easy: we can change the bind function in a way that it only changes the local address of the sockaddr_storage while the protocol family is AF_INET. For the AF_UNIX address family there doesn't seem to be any need to change the address (the pathname of the socket). Will the problem get solved by applying these changes? If yes, I will rewrite the bind function for you to test.
Feb 22 2017
Ok, but I still don't know when exactly the problem occurs. The only place where the protocol family is checked is at line 145. This is the whole scenario of the program:
What this code is doing is pretty clear, but I don't know for what reason someone should use it. It simply binds the socket to a specific local address instead of the address the programmer of the external command probably decided to use. This results in the incoming communication being received at that address instead of the default one. Note that this code only changes the LOCAL address, whether the external command is a client or a server. It only does an additional bind() call. I need to know how you use it in the way that caused the problem, so that I can reproduce the problem and work on it.
I used protocol families other than AF_INET and didn't observe the problem you reported.
Unfortunately the problem with this code has not been explained clearly enough. It says "The only issue I see is it replace address in all bind calls", but in the file 'https://github.com/Whonix/bindp/blob/master/bindp.c' there is no check for the address family in your bind function; instead the check is done in the connect function at line 145. Unless the packet which is sent to this connect function is corrupted, I don't see a reason that the condition (rsk_in->sin_family == AF_INET) returns a wrong result. A little more explanation about the problem would help solve it better.
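The two comments above (the Mar 5 proposal to rewrite only AF_INET addresses, and the Feb 22 remark that bind() in bindp.c lacks the family check that connect() has at line 145) both come down to the same guard. The following is an added example, not the bindp project's code: it copies the caller's sockaddr into a sockaddr_storage, rewrites sin_addr only when sa_family is AF_INET, and passes AF_UNIX (or any other family) through untouched. The forced address BINDP_LOCAL_ADDR and the function names are assumptions made here; the real library reads the address from an environment variable and reaches the original bind() through dlsym(RTLD_NEXT, "bind"), whereas this example calls libc's bind() directly so it links and runs without the LD_PRELOAD machinery.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Assumed local address to force on AF_INET sockets (bindp reads this
   from the environment; hard-coded here to keep the example standalone). */
#define BINDP_LOCAL_ADDR "127.0.0.1"

/* Copy the caller's address into dst and replace the IPv4 address only when
   the family is AF_INET. Returns 1 if rewritten, 0 if passed through
   unchanged (AF_UNIX, AF_INET6, ...), -1 on a bad argument. The port and
   every other field are preserved, so only the local address changes. */
int bindp_apply_local_addr(const struct sockaddr *src, socklen_t len,
                           struct sockaddr_storage *dst, const char *local_ip)
{
    if (src == NULL || dst == NULL || len > sizeof *dst)
        return -1;
    memset(dst, 0, sizeof *dst);
    memcpy(dst, src, len);
    if (src->sa_family != AF_INET || len < sizeof(struct sockaddr_in))
        return 0;                       /* not IPv4: leave the address alone */
    struct sockaddr_in *in = (struct sockaddr_in *)dst;
    if (inet_pton(AF_INET, local_ip, &in->sin_addr) != 1)
        return -1;                      /* local_ip is not a valid IPv4 literal */
    return 1;
}

/* Hypothetical bind wrapper: in the preload library this is what the
   exported bind() would do before calling the real bind via dlsym. */
int bindp_bind(int fd, const struct sockaddr *addr, socklen_t len)
{
    struct sockaddr_storage rewritten;
    int rc = bindp_apply_local_addr(addr, len, &rewritten, BINDP_LOCAL_ADDR);
    if (rc < 0) {
        errno = EINVAL;
        return -1;
    }
    return bind(fd, (const struct sockaddr *)&rewritten, len);
}

/* Self-check: an AF_INET bind to 0.0.0.0:8080 is redirected to 127.0.0.1:8080
   with the port intact. Returns 1 on success. */
int bindp_demo_inet_rewritten(void)
{
    struct sockaddr_in in;
    struct sockaddr_storage out;
    memset(&in, 0, sizeof in);
    in.sin_family = AF_INET;
    in.sin_port = htons(8080);
    in.sin_addr.s_addr = htonl(INADDR_ANY);
    if (bindp_apply_local_addr((struct sockaddr *)&in, sizeof in, &out,
                               BINDP_LOCAL_ADDR) != 1)
        return 0;
    const struct sockaddr_in *res = (const struct sockaddr_in *)&out;
    return res->sin_family == AF_INET
        && res->sin_port == htons(8080)
        && res->sin_addr.s_addr == htonl(INADDR_LOOPBACK);
}

/* Self-check: an AF_UNIX pathname socket passes through byte-for-byte.
   The path is a constructed example value. Returns 1 on success. */
int bindp_demo_unix_untouched(void)
{
    struct sockaddr_un un;
    struct sockaddr_storage out;
    memset(&un, 0, sizeof un);
    un.sun_family = AF_UNIX;
    strncpy(un.sun_path, "/tmp/example.sock", sizeof un.sun_path - 1);
    if (bindp_apply_local_addr((struct sockaddr *)&un, sizeof un, &out,
                               BINDP_LOCAL_ADDR) != 0)
        return 0;
    return memcmp(&out, &un, sizeof un) == 0;
}

/* Stand-alone run: bind an IPv4 socket to 0.0.0.0 with an ephemeral port and
   show that the kernel actually bound it to the forced local address. */
int main(void)
{
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) { perror("socket"); return 1; }
    struct sockaddr_in any;
    memset(&any, 0, sizeof any);
    any.sin_family = AF_INET;
    any.sin_port = 0;                   /* let the kernel pick a port */
    any.sin_addr.s_addr = htonl(INADDR_ANY);
    if (bindp_bind(fd, (struct sockaddr *)&any, sizeof any) != 0) {
        perror("bind"); close(fd); return 1;
    }
    struct sockaddr_in bound;
    socklen_t blen = sizeof bound;
    if (getsockname(fd, (struct sockaddr *)&bound, &blen) == 0) {
        char buf[INET_ADDRSTRLEN];
        printf("bound to %s:%u\n",
               inet_ntop(AF_INET, &bound.sin_addr, buf, sizeof buf),
               ntohs(bound.sin_port));
    }
    close(fd);
    return 0;
}
```

The length check matters: a caller that passes an AF_INET family with a truncated socklen gets its buffer copied unchanged rather than having sin_addr written past the bytes it supplied, and the same guard is what would go into connect() if, as suggested above, both functions were rewritten from the same helper.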