From 2d0db0c17493a1610c1127a97d96ca3295f17624 Mon Sep 17 00:00:00 2001 From: Cheena Malhotra Date: Tue, 13 Apr 2021 16:53:37 -0700 Subject: [PATCH 1/2] Fix Socket array length to avoid possible Out of bounds errors --- .../netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs index ddc9fdb0d3..b8c9a6f2cc 100644 --- a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs +++ b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs @@ -327,7 +327,7 @@ private static Socket Connect(string serverName, int port, TimeSpan timeout, boo string IPv4String = null; string IPv6String = null; - Socket[] sockets = new Socket[2]; + Socket[] sockets = new Socket[ipAddresses.Length]; AddressFamily[] preferedIPFamilies = new AddressFamily[] { AddressFamily.InterNetwork, AddressFamily.InterNetworkV6 }; CancellationTokenSource cts = null; From ac6a903abff85017648015eb554962657a13bbee Mon Sep 17 00:00:00 2001 From: Cheena Malhotra Date: Wed, 14 Apr 2021 10:42:04 -0700 Subject: [PATCH 2/2] Address review feedback --- .../Data/SqlClient/SNI/SNITcpHandle.cs | 25 +++++++++++++------ 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs index b8c9a6f2cc..4ca0631c51 100644 --- a/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs +++ b/src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SNI/SNITcpHandle.cs @@ -327,6 +327,12 @@ private static Socket Connect(string serverName, int port, TimeSpan timeout, boo string IPv4String = null; string IPv6String = null; + // Returning null socket is handled by the caller function. + if(ipAddresses == null || ipAddresses.Length == 0) + { + return null; + } + Socket[] sockets = new Socket[ipAddresses.Length]; AddressFamily[] preferedIPFamilies = new AddressFamily[] { AddressFamily.InterNetwork, AddressFamily.InterNetworkV6 }; @@ -360,6 +366,8 @@ void Cancel() Socket availableSocket = null; try { + int n = 0; // Socket index + // We go through the IP list twice. // In the first traversal, we only try to connect with the preferedIPFamilies[0]. // In the second traversal, we only try to connect with the preferedIPFamilies[1]. @@ -371,18 +379,18 @@ void Cancel() { if (ipAddress != null && ipAddress.AddressFamily == preferedIPFamilies[i]) { - sockets[i] = new Socket(ipAddress.AddressFamily, SocketType.Stream, ProtocolType.Tcp); + sockets[n] = new Socket(ipAddress.AddressFamily, SocketType.Stream, ProtocolType.Tcp); // enable keep-alive on socket - SetKeepAliveValues(ref sockets[i]); + SetKeepAliveValues(ref sockets[n]); SqlClientEventSource.Log.TrySNITraceEvent(s_className, EventType.INFO, "Connecting to IP address {0} and port {1}", args0: ipAddress, args1: port); - sockets[i].Connect(ipAddress, port); - if (sockets[i] != null) // sockets[i] can be null if cancel callback is executed during connect() + sockets[n].Connect(ipAddress, port); + if (sockets[n] != null) // sockets[i] can be null if cancel callback is executed during connect() { - if (sockets[i].Connected) + if (sockets[n].Connected) { - availableSocket = sockets[i]; + availableSocket = sockets[n]; if (ipAddress.AddressFamily == AddressFamily.InterNetwork) { @@ -397,10 +405,11 @@ void Cancel() } else { - sockets[i].Dispose(); - sockets[i] = null; + sockets[n].Dispose(); + sockets[n] = null; } } + n++; } } catch (Exception e)