Change in osmo-pcu[master]: check for overlong unix socket paths

This is merely a historical archive of years 2008-2021, before the migration to mailman3.

A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.

Harald Welte gerrit-no-reply at lists.osmocom.org
Wed Sep 26 07:26:36 UTC 2018


Harald Welte has submitted this change and it was merged. ( https://gerrit.osmocom.org/11048 )

Change subject: check for overlong unix socket paths
......................................................................

check for overlong unix socket paths

In pcu_l1if_open(), use osmo_strlcpy() instead of strncpy() and check for
overflow. This catches overlong and non-NUL-terminated socket paths.

Change-Id: I825190cbb34d052b797e9fb5208884d6f5992839
Related: OS#2673
---
M src/osmobts_sock.cpp
1 file changed, 5 insertions(+), 2 deletions(-)

Approvals:
  Jenkins Builder: Verified
  Harald Welte: Looks good to me, approved



diff --git a/src/osmobts_sock.cpp b/src/osmobts_sock.cpp
index 477521d..6b49347 100644
--- a/src/osmobts_sock.cpp
+++ b/src/osmobts_sock.cpp
@@ -265,8 +265,11 @@
 	}
 
 	local.sun_family = AF_UNIX;
-	strncpy(local.sun_path, bts->pcu_sock_path, sizeof(local.sun_path));
-	local.sun_path[sizeof(local.sun_path) - 1] = '\0';
+	if (osmo_strlcpy(local.sun_path, bts->pcu_sock_path, sizeof(local.sun_path)) >= sizeof(local.sun_path)) {
+		LOGP(DLGLOBAL, LOGL_ERROR, "Socket path exceeds maximum length of %zd bytes: %s\n",
+		     sizeof(local.sun_path), bts->pcu_sock_path);
+		return -ENOSPC;
+	}
 
 	/* we use the same magic that X11 uses in Xtranssock.c for
 	 * calculating the proper length of the sockaddr */

-- 
To view, visit https://gerrit.osmocom.org/11048
To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings

Gerrit-Project: osmo-pcu
Gerrit-Branch: master
Gerrit-MessageType: merged
Gerrit-Change-Id: I825190cbb34d052b797e9fb5208884d6f5992839
Gerrit-Change-Number: 11048
Gerrit-PatchSet: 1
Gerrit-Owner: Stefan Sperling <ssperling at sysmocom.de>
Gerrit-Reviewer: Harald Welte <laforge at gnumonks.org>
Gerrit-Reviewer: Jenkins Builder (1000002)
Gerrit-CC: Vadim Yanitskiy <axilirator at gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20180926/3313ec62/attachment.htm>


More information about the gerrit-log mailing list