This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/gerrit-log@lists.osmocom.org/.
Harald Welte gerrit-no-reply at lists.osmocom.orgHarald Welte has submitted this change and it was merged. ( https://gerrit.osmocom.org/11048 ) Change subject: check for overlong unix socket paths ...................................................................... check for overlong unix socket paths In pcu_l1if_open(), use osmo_strlcpy() instead of strncpy() and check for overflow. This catches overlong and non-NUL-terminated socket paths. Change-Id: I825190cbb34d052b797e9fb5208884d6f5992839 Related: OS#2673 --- M src/osmobts_sock.cpp 1 file changed, 5 insertions(+), 2 deletions(-) Approvals: Jenkins Builder: Verified Harald Welte: Looks good to me, approved diff --git a/src/osmobts_sock.cpp b/src/osmobts_sock.cpp index 477521d..6b49347 100644 --- a/src/osmobts_sock.cpp +++ b/src/osmobts_sock.cpp @@ -265,8 +265,11 @@ } local.sun_family = AF_UNIX; - strncpy(local.sun_path, bts->pcu_sock_path, sizeof(local.sun_path)); - local.sun_path[sizeof(local.sun_path) - 1] = '\0'; + if (osmo_strlcpy(local.sun_path, bts->pcu_sock_path, sizeof(local.sun_path)) >= sizeof(local.sun_path)) { + LOGP(DLGLOBAL, LOGL_ERROR, "Socket path exceeds maximum length of %zd bytes: %s\n", + sizeof(local.sun_path), bts->pcu_sock_path); + return -ENOSPC; + } /* we use the same magic that X11 uses in Xtranssock.c for * calculating the proper length of the sockaddr */ -- To view, visit https://gerrit.osmocom.org/11048 To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-pcu Gerrit-Branch: master Gerrit-MessageType: merged Gerrit-Change-Id: I825190cbb34d052b797e9fb5208884d6f5992839 Gerrit-Change-Number: 11048 Gerrit-PatchSet: 1 Gerrit-Owner: Stefan Sperling <ssperling at sysmocom.de> Gerrit-Reviewer: Harald Welte <laforge at gnumonks.org> Gerrit-Reviewer: Jenkins Builder (1000002) Gerrit-CC: Vadim Yanitskiy <axilirator at gmail.com> -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.osmocom.org/pipermail/gerrit-log/attachments/20180926/3313ec62/attachment.htm>