summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPhil Sutter <phil@nwl.cc>2022-08-31 13:00:52 +0200
committerPhil Sutter <phil@nwl.cc>2022-08-31 17:05:01 +0200
commit96980c548d3a1aeb07ab6aaef45389efb058a69a (patch)
tree81647e9ef472af9d1ace0942d659ff0b5aed6bc5
parentc23f117ed4414aa848f273a6e77850471ce21e0e (diff)
local: Avoid sockaddr_un::sun_path buffer overflowHEADmaster
The array's size in struct sockaddr_un is only UNIX_PATH_MAX and according to unix(7), it should hold a null-terminated string. So adjust config reader to reject paths of length UNIX_PATH_MAX and above and adjust the internal arrays to aid the compiler. Fixes: f196de88cdd97 ("src: fix strncpy -Wstringop-truncation warnings") Signed-off-by: Phil Sutter <phil@nwl.cc>
-rw-r--r--include/local.h4
-rw-r--r--src/read_config_yy.y6
2 files changed, 5 insertions, 5 deletions
diff --git a/include/local.h b/include/local.h
index 9379446..22859d7 100644
--- a/include/local.h
+++ b/include/local.h
@@ -7,12 +7,12 @@
struct local_conf {
int reuseaddr;
- char path[UNIX_PATH_MAX + 1];
+ char path[UNIX_PATH_MAX];
};
struct local_server {
int fd;
- char path[UNIX_PATH_MAX + 1];
+ char path[UNIX_PATH_MAX];
};
/* callback return values */
diff --git a/src/read_config_yy.y b/src/read_config_yy.y
index 5815d6a..a2154be 100644
--- a/src/read_config_yy.y
+++ b/src/read_config_yy.y
@@ -699,12 +699,12 @@ unix_options:
unix_option : T_PATH T_PATH_VAL
{
- if (strlen($2) > UNIX_PATH_MAX) {
+ if (strlen($2) >= UNIX_PATH_MAX) {
dlog(LOG_ERR, "Path is longer than %u characters",
- UNIX_PATH_MAX);
+ UNIX_PATH_MAX - 1);
exit(EXIT_FAILURE);
}
- snprintf(conf.local.path, sizeof(conf.local.path), "%s", $2);
+ strcpy(conf.local.path, $2);
free($2);
};