Change in libosmo-abis[master]: ensure unix socket paths are NUL-terminated for bind/connect

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.

Harald Welte gerrit-no-reply at lists.osmocom.org
Wed Sep 26 07:25:50 UTC 2018


Harald Welte has submitted this change and it was merged. ( https://gerrit.osmocom.org/11045 )

Change subject: ensure unix socket paths are NUL-terminated for bind/connect
......................................................................

ensure unix socket paths are NUL-terminated for bind/connect

The unix(7) man page recommends that sun_path is NUL-terminated
when struct sockaddr_un is passed to a bind() or connect() call.
Non-NUL-terminated paths only need to be dealt with at the
receiving end of a UNIX domain socket.

Commit b24efa5 erroneously assumed otherwise.

Change-Id: I9beecfa500db75cb679b1edcc352c893bf098b13
Fixes: b24efa551dc91e177c5cb8da674e9f8432d52dc9
Related: OS#2673
---
M src/e1_input_vty.c
M src/input/unixsocket.c
2 files changed, 15 insertions(+), 7 deletions(-)

Approvals:
  Jenkins Builder: Verified
  Harald Welte: Looks good to me, approved



diff --git a/src/e1_input_vty.c b/src/e1_input_vty.c
index 653c573..d81c859 100644
--- a/src/e1_input_vty.c
+++ b/src/e1_input_vty.c
@@ -101,10 +101,10 @@
 	int e1_nr = atoi(argv[0]);
 	struct sockaddr_un sun;
 
-	/* Don't exceed the maximum unix socket path length. See the unix(7) man page.*/
-	if (strlen(argv[1]) > sizeof(sun.sun_path)) {
+	/* Don't exceed the maximum unix socket path length, including a NUL byte. See the unix(7) man page.*/
+	if (strlen(argv[1]) > sizeof(sun.sun_path) - 1) {
 		vty_out(vty, "%% Socket path length exceeds %zd bytes: '%s'%s",
-			sizeof(sun.sun_path), argv[1], VTY_NEWLINE);
+			sizeof(sun.sun_path) - 1, argv[1], VTY_NEWLINE);
 		return CMD_WARNING;
 	}
 
diff --git a/src/input/unixsocket.c b/src/input/unixsocket.c
index 00e1f9b..bc4b357 100644
--- a/src/input/unixsocket.c
+++ b/src/input/unixsocket.c
@@ -229,7 +229,7 @@
 static int unixsocket_line_update(struct e1inp_line *line)
 {
 	struct unixsocket_line *config;
-	char default_sock_path[sizeof(struct sockaddr_un) + 1]; /* see unix(7) man page */
+	struct sockaddr_un un;
 	const char *sock_path;
 	int ret = 0;
 	int i;
@@ -252,9 +252,17 @@
 
 	/* Open unix domain socket */
 	if (line->sock_path == NULL) {
-		snprintf(default_sock_path, sizeof(default_sock_path), "%s%d",
-			 UNIXSOCKET_SOCK_PATH_DEFAULT, line->num);
-		sock_path = default_sock_path;
+		ret = snprintf(un.sun_path, sizeof(un.sun_path), "%s%d",
+		    UNIXSOCKET_SOCK_PATH_DEFAULT, line->num);
+		if (ret == -1) {
+			LOGP(DLINP, LOGL_ERROR, "Cannot create default socket path: %s\n", strerror(errno));
+			return -errno;
+		} else if (ret >= sizeof(un.sun_path)) {
+			LOGP(DLINP, LOGL_ERROR, "Default socket path exceeds %zd bytes: %s%d\n",
+			     sizeof(un.sun_path), UNIXSOCKET_SOCK_PATH_DEFAULT, line->num);
+			return -ENOSPC;
+		}
+		sock_path = un.sun_path;
 	} else
 		sock_path = line->sock_path;
 	ret = osmo_sock_unix_init(SOCK_SEQPACKET, 0, sock_path,

-- 
To view, visit https://gerrit.osmocom.org/11045
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings

Gerrit-Project: libosmo-abis
Gerrit-Branch: master
Gerrit-MessageType: merged
Gerrit-Change-Id: I9beecfa500db75cb679b1edcc352c893bf098b13
Gerrit-Change-Number: 11045
Gerrit-PatchSet: 1
Gerrit-Owner: Stefan Sperling <ssperling at sysmocom.de>
Gerrit-Reviewer: Harald Welte <laforge at gnumonks.org>
Gerrit-Reviewer: Jenkins Builder (1000002)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20180926/5e5bebf5/attachment.htm>


More information about the gerrit-log mailing list