From 96980c548d3a1aeb07ab6aaef45389efb058a69a Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Wed, 31 Aug 2022 13:00:52 +0200 Subject: local: Avoid sockaddr_un::sun_path buffer overflow The array's size in struct sockaddr_un is only UNIX_PATH_MAX and according to unix(7), it should hold a null-terminated string. So adjust config reader to reject paths of length UNIX_PATH_MAX and above and adjust the internal arrays to aid the compiler. Fixes: f196de88cdd97 ("src: fix strncpy -Wstringop-truncation warnings") Signed-off-by: Phil Sutter --- src/read_config_yy.y | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/read_config_yy.y b/src/read_config_yy.y index 5815d6a..a2154be 100644 --- a/src/read_config_yy.y +++ b/src/read_config_yy.y @@ -699,12 +699,12 @@ unix_options: unix_option : T_PATH T_PATH_VAL { - if (strlen($2) > UNIX_PATH_MAX) { + if (strlen($2) >= UNIX_PATH_MAX) { dlog(LOG_ERR, "Path is longer than %u characters", - UNIX_PATH_MAX); + UNIX_PATH_MAX - 1); exit(EXIT_FAILURE); } - snprintf(conf.local.path, sizeof(conf.local.path), "%s", $2); + strcpy(conf.local.path, $2); free($2); }; -- cgit v1.2.3