conntrackd: use correct max unix path length

When copying value of "Path" option for unix socket, target buffer size is UNIX_MAX_PATH so that we must not copy more bytes than that. Also make sure that the path is null terminated and bail out if user provided path is too long rather than silently truncate it. Fixes: ce06fb606906 ("conntrackd: use strncpy() to unix path") Signed-off-by: Michal Kubecek <mkubecek@suse.cz> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Michal Kubecek <mkubecek@suse.cz> 2019-07-15 08:46:23 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2019-07-15 10:10:14 +0200
commit: b47e00e8a579519b163cb4faed017463bf64c40d (patch)
tree: 0d8fa9ff27705e050cbd99271b01f7be2b654c1a /src/read_config_yy.y
parent: c12fa8df76752b0a011430f069677b52e4dad164 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/src/read_config_yy.y b/src/read_config_yy.y
index ceba6fc..4311cd6 100644
--- a/src/read_config_yy.y
+++ b/src/read_config_yy.y
@@ -689,8 +689,13 @@ unix_options:
 
 unix_option : T_PATH T_PATH_VAL
 {
-	strncpy(conf.local.path, $2, PATH_MAX);
+	strncpy(conf.local.path, $2, UNIX_PATH_MAX);
 	free($2);
+	if (conf.local.path[UNIX_PATH_MAX - 1]) {
+		dlog(LOG_ERR, "UNIX Path is longer than %u characters",
+		     UNIX_PATH_MAX - 1);
+		exit(EXIT_FAILURE);
+	}
 };
 
 unix_option : T_BACKLOG T_NUMBER
author	Michal Kubecek <mkubecek@suse.cz>	2019-07-15 08:46:23 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2019-07-15 10:10:14 +0200
commit	b47e00e8a579519b163cb4faed017463bf64c40d (patch)
tree	0d8fa9ff27705e050cbd99271b01f7be2b654c1a /src/read_config_yy.y
parent	c12fa8df76752b0a011430f069677b52e4dad164 (diff)