summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJeremy Sowden <jeremy@azazel.net>2021-11-30 10:55:37 +0000
committerPablo Neira Ayuso <pablo@netfilter.org>2021-11-30 23:05:26 +0100
commit50c34491453db218d44856bd769a478eb6bf42e8 (patch)
tree48a516c3fba95bedfb651704b0828ddb5dd4c7ef
parent103a52a1b09991d88ff38991b6b6837a1dd0a1ab (diff)
input: UNIXSOCK: fix possible truncation of socket path
Verify that the socket path is short enough, and replace `strncpy` with `strcpy`. Signed-off-by: Jeremy Sowden <jeremy@azazel.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat
-rw-r--r--input/packet/ulogd_inppkt_UNIXSOCK.c15
1 files changed, 10 insertions, 5 deletions
diff --git a/input/packet/ulogd_inppkt_UNIXSOCK.c b/input/packet/ulogd_inppkt_UNIXSOCK.c
index 3f3abc3..0080c6a 100644
--- a/input/packet/ulogd_inppkt_UNIXSOCK.c
+++ b/input/packet/ulogd_inppkt_UNIXSOCK.c
@@ -474,10 +474,19 @@ static int handle_packet(struct ulogd_pluginstance *upi, struct ulogd_unixsock_p
static int _create_unix_socket(const char *unix_path)
{
+ struct sockaddr_un server_sock = { .sun_family = AF_UNIX };
int ret = -1;
- struct sockaddr_un server_sock;
int s;
+ if (strlen(unix_path) >= sizeof(server_sock.sun_path)) {
+ ulogd_log(ULOGD_ERROR,
+ "ulogd2: unix socket path '%s' too long\n",
+ unix_path);
+ return -1;
+ }
+
+ strcpy(server_sock.sun_path, unix_path);
+
s = socket(AF_UNIX, SOCK_STREAM, 0);
if (s < 0) {
ulogd_log(ULOGD_ERROR,
@@ -485,10 +494,6 @@ static int _create_unix_socket(const char *unix_path)
return -1;
}
- server_sock.sun_family = AF_UNIX;
- strncpy(server_sock.sun_path, unix_path, sizeof(server_sock.sun_path));
- server_sock.sun_path[sizeof(server_sock.sun_path)-1] = '\0';
-
ret = bind(s, (struct sockaddr *)&server_sock, sizeof(server_sock));
if (ret < 0) {
ulogd_log(ULOGD_ERROR,