need to use strncmp for relative path check:
if (!strncmp (s, "/./", 3) || !strncmp (s, "/../", 4))
{
++s;
}
On Wed, Jun 21, 2017 at 8:53 AM, Zartaj Majeed <[email protected]> wrote:
> This update to the patch adds the following:
>
> 1. Check socket file path length less than sizeof sun_path array in
> struct sockaddr_un
> 2. Allow relative socket file paths starting with "./" or "../". This
> means the pseudo filename opened in bash is of the form
> "/dev/unixstream/./xyz.sock" or "/dev/unixdgram/../xyz.sock"
>
>
> + s = strchr (path+9, '/');
> + /* relative path starts with '"./" or "../" */
> + if (s[1] == '.' && s[2] == '/' ||
> + s[1] == '.' && s[2] == '.' && s[3] == '/')
> + {
> + ++s;
> + }
> + fd = _usockopen (s, path[9]);
> +
>
