[lxc-devel] make lxc_af_unix_open() safely return error on long pathnames
Dwight Engen
dwight.engen at oracle.com
Mon Apr 22 15:16:57 UTC 2013
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
---
src/lxc/af_unix.c | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/src/lxc/af_unix.c b/src/lxc/af_unix.c
index eff13d4..45fe128 100644
--- a/src/lxc/af_unix.c
+++ b/src/lxc/af_unix.c
@@ -36,6 +36,7 @@ lxc_log_define(lxc_af_unix, lxc);
int lxc_af_unix_open(const char *path, int type, int flags)
{
int fd;
+ size_t len;
struct sockaddr_un addr;
if (flags & O_TRUNC)
@@ -52,8 +53,16 @@ int lxc_af_unix_open(const char *path, int type, int flags)
addr.sun_family = AF_UNIX;
/* copy entire buffer in case of abstract socket */
- memcpy(addr.sun_path, path,
- path[0]?strlen(path):sizeof(addr.sun_path));
+ len = sizeof(addr.sun_path);
+ if (path[0]) {
+ len = strlen(path);
+ if (len >= sizeof(addr.sun_path)) {
+ close(fd);
+ errno = ENAMETOOLONG;
+ return -1;
+ }
+ }
+ memcpy(addr.sun_path, path, len);
if (bind(fd, (struct sockaddr *)&addr, sizeof(addr))) {
int tmp = errno;
@@ -61,7 +70,7 @@ int lxc_af_unix_open(const char *path, int type, int flags)
errno = tmp;
return -1;
}
-
+
if (type == SOCK_STREAM && listen(fd, 100)) {
int tmp = errno;
close(fd);
@@ -76,7 +85,7 @@ int lxc_af_unix_close(int fd)
{
struct sockaddr_un addr;
socklen_t addrlen = sizeof(addr);
-
+
if (!getsockname(fd, (struct sockaddr *)&addr, &addrlen) &&
addr.sun_path[0])
unlink(addr.sun_path);
--
1.8.1.4
More information about the lxc-devel
mailing list