<p>Stefan Sperling has uploaded this change for <strong>review</strong>.</p><p><a href="https://gerrit.osmocom.org/10647">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">Properly deal with sockaddr_un socket path length limitations.<br><br>When parsing the configuration, reject a socket path which<br>exceeds the maximum size supported by the operating system.<br><br>In unixsocket_line_update() stop copying the line's socket path to a<br>local buffer. The path will be copied again in osmo_sock_unix_init().<br><br>Both changes are portable; we don't assume any particular socket<br>path length since the size differs between implementations of Unix,<br>and we rely only on information from the generic sys/un.h header.<br><br>Change-Id: I36344805a825f5d0e0c9d218d438d8fd985ed9ca<br>Related: OS#2673<br>---<br>M src/e1_input_vty.c<br>M src/input/unixsocket.c<br>2 files changed, 18 insertions(+), 7 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://gerrit.osmocom.org:29418/libosmo-abis refs/changes/47/10647/1</pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/src/e1_input_vty.c b/src/e1_input_vty.c</span><br><span>index 0e4575f..653c573 100644</span><br><span>--- a/src/e1_input_vty.c</span><br><span>+++ b/src/e1_input_vty.c</span><br><span>@@ -23,6 +23,7 @@</span><br><span> #include <stdlib.h></span><br><span> #include <unistd.h></span><br><span> #include <string.h></span><br><span style="color: hsl(120, 100%, 40%);">+#include <sys/un.h></span><br><span> </span><br><span> #include <osmocom/core/linuxlist.h></span><br><span> #include <osmocom/core/talloc.h></span><br><span>@@ -98,6 +99,14 @@</span><br><span> {</span><br><span> struct e1inp_line *line;</span><br><span> int e1_nr = atoi(argv[0]);</span><br><span style="color: hsl(120, 100%, 40%);">+ struct sockaddr_un sun;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Don't exceed the maximum unix socket path length. See the unix(7) man page.*/</span><br><span style="color: hsl(120, 100%, 40%);">+ if (strlen(argv[1]) > sizeof(sun.sun_path)) {</span><br><span style="color: hsl(120, 100%, 40%);">+ vty_out(vty, "%% Socket path length exceeds %zd bytes: '%s'%s",</span><br><span style="color: hsl(120, 100%, 40%);">+ sizeof(sun.sun_path), argv[1], VTY_NEWLINE);</span><br><span style="color: hsl(120, 100%, 40%);">+ return CMD_WARNING;</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span> </span><br><span> line = e1inp_line_find(e1_nr);</span><br><span> if (!line) {</span><br><span>diff --git a/src/input/unixsocket.c b/src/input/unixsocket.c</span><br><span>index c49928d..f06345e 100644</span><br><span>--- a/src/input/unixsocket.c</span><br><span>+++ b/src/input/unixsocket.c</span><br><span>@@ -28,6 +28,7 @@</span><br><span> #include <stdio.h></span><br><span> #include <unistd.h></span><br><span> #include <sys/socket.h></span><br><span style="color: hsl(120, 100%, 40%);">+#include <sys/un.h></span><br><span> #include <limits.h></span><br><span> #include <string.h></span><br><span> </span><br><span>@@ -228,16 +229,11 @@</span><br><span> static int unixsocket_line_update(struct e1inp_line *line)</span><br><span> {</span><br><span> struct unixsocket_line *config;</span><br><span style="color: hsl(0, 100%, 40%);">- char sock_path[PATH_MAX];</span><br><span style="color: hsl(120, 100%, 40%);">+ char default_sock_path[sizeof(struct sockaddr_un) + 1]; /* see unix(7) man page */</span><br><span style="color: hsl(120, 100%, 40%);">+ char *sock_path;</span><br><span> int ret = 0;</span><br><span> int i;</span><br><span> </span><br><span style="color: hsl(0, 100%, 40%);">- if (line->sock_path)</span><br><span style="color: hsl(0, 100%, 40%);">- osmo_strlcpy(sock_path, line->sock_path, PATH_MAX);</span><br><span style="color: hsl(0, 100%, 40%);">- else</span><br><span style="color: hsl(0, 100%, 40%);">- sprintf(sock_path, "%s%d", UNIXSOCKET_SOCK_PATH_DEFAULT,</span><br><span style="color: hsl(0, 100%, 40%);">- line->num);</span><br><span style="color: hsl(0, 100%, 40%);">-</span><br><span> LOGP(DLINP, LOGL_NOTICE, "line update (line=%p)\n", line);</span><br><span> </span><br><span> if (!line->driver_data)</span><br><span>@@ -255,6 +251,12 @@</span><br><span> config->fd.cb = unixsocket_cb;</span><br><span> </span><br><span> /* Open unix domain socket */</span><br><span style="color: hsl(120, 100%, 40%);">+ if (line->sock_path == NULL) {</span><br><span style="color: hsl(120, 100%, 40%);">+ snprintf(default_sock_path, sizeof(default_sock_path), "%s%d",</span><br><span style="color: hsl(120, 100%, 40%);">+ UNIXSOCKET_SOCK_PATH_DEFAULT, line->num);</span><br><span style="color: hsl(120, 100%, 40%);">+ sock_path = default_sock_path;</span><br><span style="color: hsl(120, 100%, 40%);">+ } else</span><br><span style="color: hsl(120, 100%, 40%);">+ sock_path = line->sock_path;</span><br><span> ret = osmo_sock_unix_init(SOCK_SEQPACKET, 0, sock_path,</span><br><span> OSMO_SOCK_F_CONNECT);</span><br><span> if (ret < 0) {</span><br><span></span><br></pre><p>To view, visit <a href="https://gerrit.osmocom.org/10647">change 10647</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://gerrit.osmocom.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.osmocom.org/10647"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: libosmo-abis </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-MessageType: newchange </div>
<div style="display:none"> Gerrit-Change-Id: I36344805a825f5d0e0c9d218d438d8fd985ed9ca </div>
<div style="display:none"> Gerrit-Change-Number: 10647 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Stefan Sperling <ssperling@sysmocom.de> </div>