From da12db8923b90b697e34f70017de541d323100b6 Mon Sep 17 00:00:00 2001 From: Apple Date: Tue, 24 Mar 2020 21:33:03 +0000 Subject: [PATCH] configd-1061.40.2.tar.gz --- Plugins/IPMonitor/nat64-configuration.c | 13 ++++++------- config-agent-info/config_agent_info.c | 17 +++++++++++------ sctest/sctest-entitlements.plist | 2 ++ scutil.tproj/entitlements.plist | 2 ++ 4 files changed, 21 insertions(+), 13 deletions(-) diff --git a/Plugins/IPMonitor/nat64-configuration.c b/Plugins/IPMonitor/nat64-configuration.c index 02e6160..b44479f 100644 --- a/Plugins/IPMonitor/nat64-configuration.c +++ b/Plugins/IPMonitor/nat64-configuration.c @@ -397,7 +397,7 @@ NAT64PrefixRequestStart(NAT64PrefixRequestRef request) }; start_time = CFAbsoluteTimeGetCurrent(); handler = ^(int32_t num_prefixes, nw_nat64_prefix_t *prefixes) { - Boolean set_prefix_failed = FALSE; + Boolean remove_resolver = FALSE; if (!NAT64PrefixRequestFlagsIsSet(request, kRequestFlagsValid)) { @@ -407,10 +407,9 @@ NAT64PrefixRequestStart(NAT64PrefixRequestRef request) } if (prefixes != NULL) { /* set prefixes on the interface */ - if (!_nat64_prefix_set(request->if_name, - num_prefixes, prefixes)) { - set_prefix_failed = TRUE; - } + _nat64_prefix_set(request->if_name, + num_prefixes, prefixes); + remove_resolver = TRUE; } else { SC_log(LOG_ERR, "%s: NAT64 no prefixes", request->if_name); @@ -419,10 +418,10 @@ NAT64PrefixRequestStart(NAT64PrefixRequestRef request) num_prefixes, prefixes, start_time); #if TEST_NAT64_CONFIGURATION if (G_set_prefixes_force_failure) { - set_prefix_failed = TRUE; + remove_resolver = TRUE; } #endif /* TEST_NAT64_CONFIGURATION */ - if (set_prefix_failed) { + if (remove_resolver) { /* remove resolver */ NAT64PrefixRequestInvalidate(request); NAT64PrefixRequestRelease(request); diff --git a/config-agent-info/config_agent_info.c b/config-agent-info/config_agent_info.c index 4a6462e..3cb9963 100644 --- a/config-agent-info/config_agent_info.c +++ b/config-agent-info/config_agent_info.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2017 Apple Inc. All rights reserved. + * Copyright (c) 2015-2017, 2019 Apple Inc. All rights reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -36,8 +36,9 @@ get_agent_uuid_if_OOB_data_required(xpc_object_t info, uuid_t uuid) if (xpc_get_type(info) == XPC_TYPE_ARRAY) { xpc_array_apply(info, ^bool(size_t index, xpc_object_t value) { #pragma unused(index) - if (value && xpc_get_type(value) == XPC_TYPE_DICTIONARY) { - agent_uuid = xpc_dictionary_get_value(info, + if ((value != NULL) && + (xpc_get_type(value) == XPC_TYPE_DICTIONARY)) { + agent_uuid = xpc_dictionary_get_value(value, kConfigAgentOutOfBandDataUUID); if (agent_uuid != NULL) { return false; @@ -50,7 +51,9 @@ get_agent_uuid_if_OOB_data_required(xpc_object_t info, uuid_t uuid) kConfigAgentOutOfBandDataUUID); } - if (agent_uuid != NULL) { + if ((agent_uuid != NULL) && + (xpc_get_type(agent_uuid) == XPC_TYPE_DATA) && + (xpc_data_get_length(agent_uuid) >= sizeof(uuid_t))) { const void *bytes = xpc_data_get_bytes_ptr(agent_uuid); uuid_copy(uuid, bytes); } else { @@ -152,7 +155,8 @@ done: xpc_object_t config_agent_get_dns_nameservers(xpc_object_t resolver) { - if (resolver == NULL) { + if ((resolver == NULL) || + (xpc_get_type(resolver) != XPC_TYPE_DICTIONARY)) { return NULL; } @@ -162,7 +166,8 @@ config_agent_get_dns_nameservers(xpc_object_t resolver) xpc_object_t config_agent_get_dns_searchdomains(xpc_object_t resolver) { - if (resolver == NULL) { + if ((resolver == NULL) || + (xpc_get_type(resolver) != XPC_TYPE_DICTIONARY)) { return NULL; } diff --git a/sctest/sctest-entitlements.plist b/sctest/sctest-entitlements.plist index c07263d..003ed65 100644 --- a/sctest/sctest-entitlements.plist +++ b/sctest/sctest-entitlements.plist @@ -6,6 +6,8 @@ com.apple.private.necp.policies + com.apple.security.network.client + com.apple.SystemConfiguration.SCPreferences-write-access SCTestPreferences.plist diff --git a/scutil.tproj/entitlements.plist b/scutil.tproj/entitlements.plist index 8fc7442..ef8e0ab 100644 --- a/scutil.tproj/entitlements.plist +++ b/scutil.tproj/entitlements.plist @@ -4,5 +4,7 @@ com.apple.private.networkextension.configuration + com.apple.security.network.client + -- 2.45.2