[hackers] [quark] Check for UNIX-doman socket name truncation || Laslo Hunhold
commit bdff59a5f645a0b79f0a116d313d13f7ed9603ec
Author: Laslo Hunhold <dev_AT_frign.de>
AuthorDate: Tue Jul 4 22:44:47 2017 +0200
Commit: Laslo Hunhold <dev_AT_frign.de>
CommitDate: Tue Jul 4 22:44:47 2017 +0200
Check for UNIX-doman socket name truncation
diff --git a/quark.c b/quark.c
index 817f78d..e3c3058 100644
--- a/quark.c
+++ b/quark.c
_AT_@ -841,6 +841,7 @@ static int
getusock(char *udsname)
{
struct sockaddr_un addr;
+ size_t udsnamelen;
int insock;
if ((insock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
_AT_@ -849,7 +850,11 @@ getusock(char *udsname)
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
- strncpy(addr.sun_path, udsname, sizeof(addr.sun_path) - 1);
+
+ if ((udsnamelen = strlen(udsname)) > sizeof(addr.sun_path) - 1) {
+ die("%s: UNIX-domain socket name truncated\n", argv0);
+ }
+ memcpy(addr.sun_path, udsname, udsnamelen + 1);
unlink(udsname);
Received on Tue Jul 04 2017 - 22:45:07 CEST
This archive was generated by hypermail 2.3.0
: Tue Jul 04 2017 - 22:48:44 CEST