61 lines
1.7 KiB
Diff
61 lines
1.7 KiB
Diff
From 937ae00b413b46f84aa77b5ca0dae38ed2b3415a Mon Sep 17 00:00:00 2001
|
|
From: Phil Sutter <phil@nwl.cc>
|
|
Date: Wed, 31 Aug 2022 13:00:52 +0200
|
|
Subject: [PATCH] local: Avoid sockaddr_un::sun_path buffer overflow
|
|
|
|
The array's size in struct sockaddr_un is only UNIX_PATH_MAX and
|
|
according to unix(7), it should hold a null-terminated string. So adjust
|
|
config reader to reject paths of length UNIX_PATH_MAX and above and
|
|
adjust the internal arrays to aid the compiler.
|
|
|
|
Fixes: f196de88cdd97 ("src: fix strncpy -Wstringop-truncation warnings")
|
|
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
(cherry picked from commit 96980c548d3a1aeb07ab6aaef45389efb058a69a)
|
|
---
|
|
include/local.h | 4 ++--
|
|
src/read_config_yy.y | 6 +++---
|
|
2 files changed, 5 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/include/local.h b/include/local.h
|
|
index 9379446732eed..22859d7ab60aa 100644
|
|
--- a/include/local.h
|
|
+++ b/include/local.h
|
|
@@ -7,12 +7,12 @@
|
|
|
|
struct local_conf {
|
|
int reuseaddr;
|
|
- char path[UNIX_PATH_MAX + 1];
|
|
+ char path[UNIX_PATH_MAX];
|
|
};
|
|
|
|
struct local_server {
|
|
int fd;
|
|
- char path[UNIX_PATH_MAX + 1];
|
|
+ char path[UNIX_PATH_MAX];
|
|
};
|
|
|
|
/* callback return values */
|
|
diff --git a/src/read_config_yy.y b/src/read_config_yy.y
|
|
index 401a1575014d0..d208a6a0617cf 100644
|
|
--- a/src/read_config_yy.y
|
|
+++ b/src/read_config_yy.y
|
|
@@ -699,12 +699,12 @@ unix_options:
|
|
|
|
unix_option : T_PATH T_PATH_VAL
|
|
{
|
|
- if (strlen($2) > UNIX_PATH_MAX) {
|
|
+ if (strlen($2) >= UNIX_PATH_MAX) {
|
|
dlog(LOG_ERR, "Path is longer than %u characters",
|
|
- UNIX_PATH_MAX);
|
|
+ UNIX_PATH_MAX - 1);
|
|
exit(EXIT_FAILURE);
|
|
}
|
|
- snprintf(conf.local.path, sizeof(conf.local.path), "%s", $2);
|
|
+ strcpy(conf.local.path, $2);
|
|
free($2);
|
|
};
|
|
|
|
--
|
|
2.34.1
|
|
|