[bug] SpSocket listens on 0.0.0.0 instead of 127.0.0.1

Issue status update for
http://smalltalk.gnu.org/node/342
Post a follow up:
http://smalltalk.gnu.org/project/comments/add/342

 Project:      GNU Smalltalk
 Version:      <none>
 Component:    Bindings: Sockets
 Category:     bug reports
 Priority:     critical
 Assigned to:  Unassigned
 Reported by:  swsch
 Updated by:   swsch
 Status:       active

The misbehavior shown below has potentially severe security
implications:

 $ gst -i
 "Global garbage collection... done"
 GNU Smalltalk ready
 
 st> PackageLoader fileInPackage: 'Sport'
 Loading package Sockets
 Loading package Sport
 PackageLoader
 st> s := SpSocket newTCPSocket
 a SpSocket
 st> s examine
 An instance of SpSocket
   underlyingSocket: nil
   class: Sockets.StreamSocket
   socketAddress: nil
 a SpSocket
 st> a := SpIPAddress hostName: '127.0.0.1' port: 4080
 a SpIPAddress
 st> a examine
 An instance of SpIPAddress
   hostAddress: ByteArray (127 0 0 1 )
   portNumber: 4080
 a SpIPAddress
 st> s bindSocketAddress: a
 a SpSocket
 st> s examine
 An instance of SpSocket
   underlyingSocket: nil
   class: Sockets.StreamSocket
   socketAddress: a SpIPAddress
 a SpSocket
 st> s listenBackloggingUpTo: 1
 a SpSocket
 st> s examine
 An instance of SpSocket
   underlyingSocket: Sockets.ServerSocket[0.0.0.0:4080]
   class: Sockets.StreamSocket
   socketAddress: a SpIPAddress
 a SpSocket

$ uname -a
Linux g128 2.6.27-gentoo-r7-0709 #2 SMP Thu Jul 9 07:42:50 CEST 2009
x86_64 Intel(R) Core(TM)2 Duo CPU E8500 @ 3.16GHz GenuineIntel
GNU/Linux

smalltalk from git head: commit
d9418db1e3827cdf4f63b220421f775d13f29e0e




_______________________________________________
help-smalltalk mailing list
[hidden email]
http://lists.gnu.org/mailman/listinfo/help-smalltalk

Issue status update for
http://smalltalk.gnu.org/project/issue/342
Post a follow up:
http://smalltalk.gnu.org/project/comments/add/342

 Project:      GNU Smalltalk
 Version:      <none>
 Component:    Bindings: Sockets
 Category:     bug reports
 Priority:     critical
 Assigned to:  Unassigned
 Reported by:  swsch
 Updated by:   bonzinip
 Status:       active
 Attachment:   http://smalltalk.gnu.org/files/issues/gst-bind-bug.patch (972 bytes)

Can you test this?




_______________________________________________
help-smalltalk mailing list
[hidden email]
http://lists.gnu.org/mailman/listinfo/help-smalltalk

On Tue, 21 Jul 2009 04:08:15 -0700
Paolo Bonzini <[hidden email]> wrote:

Of course:

patching git head gives:

Object: SpIPAddress error: did not understand #newSocket:
MessageNotUnderstood(Exception)>>signal (AnsiExcept.st:216)
SpIPAddress class(Object)>>doesNotUnderstand: #newSocket: (AnsiExcept.st:1556)
Sockets.ServerSocket class>>port:queueSize:bindTo: (Sockets.star#VFS.ZipFile/Sockets.st:943)

NB: there's a typo in the first comment line of the patch:
"incoming" uses only one "m".

s.


_______________________________________________
help-smalltalk mailing list
[hidden email]
http://lists.gnu.org/mailman/listinfo/help-smalltalk

> patching git head gives:
>
> Object: SpIPAddress error: did not understand #newSocket:
> MessageNotUnderstood(Exception)>>signal (AnsiExcept.st:216)
> SpIPAddress class(Object)>>doesNotUnderstand: #newSocket: (AnsiExcept.st:1556)
> Sockets.ServerSocket class>>port:queueSize:bindTo: (Sockets.star#VFS.ZipFile/Sockets.st:943)

Ah, indeed.  Sport vs. GNU Smalltalk objects.  The #bindTo: line should
read:

     bindTo: (Sockets.IPAddress fromBytes: socketAddress hostAddress).

Paolo


_______________________________________________
help-smalltalk mailing list
[hidden email]
http://lists.gnu.org/mailman/listinfo/help-smalltalk

On Tue, 21 Jul 2009 18:28:35 +0200
Paolo Bonzini <[hidden email]> wrote:

> Ah, indeed.  Sport vs. GNU Smalltalk objects.  The #bindTo: line should
> read:
>
>      bindTo: (Sockets.IPAddress fromBytes: socketAddress hostAddress).
>

Running my original testcase in the OP now gives the expected result:

stefan@g128 ot $ netstat -lpn | grep 4080
tcp        0      0 127.0.0.1:4080          0.0.0.0:*               LISTEN     16881/gst          

Thanks a lot!

s.


_______________________________________________
help-smalltalk mailing list
[hidden email]
http://lists.gnu.org/mailman/listinfo/help-smalltalk

Issue status update for
http://smalltalk.gnu.org/project/issue/342
Post a follow up:
http://smalltalk.gnu.org/project/comments/add/342

 Project:      GNU Smalltalk
 Version:      <none>
 Component:    Bindings: Sockets
 Category:     bug reports
 Priority:     critical
 Assigned to:  Unassigned
 Reported by:  swsch
 Updated by:   bonzinip
-Status:       active
+Status:       fixed

Fixed.




_______________________________________________
help-smalltalk mailing list
[hidden email]
http://lists.gnu.org/mailman/listinfo/help-smalltalk