Harald Welte has submitted this change and it was merged. (
https://gerrit.osmocom.org/11046 )
Change subject: check for overlong unix socket paths
......................................................................
check for overlong unix socket paths
In rf_create_socket(), check the result of osmo_strlcpy().
This catches overlong and non-NUL-terminated socket paths.
Change-Id: I4b9ff9146068bf7f53d67c577454f32c02361b86
Related: OS#2673
---
M src/osmo-bsc/bsc_rf_ctrl.c
1 file changed, 5 insertions(+), 1 deletion(-)
Approvals:
Harald Welte: Looks good to me, approved
Jenkins Builder: Verified
diff --git a/src/osmo-bsc/bsc_rf_ctrl.c b/src/osmo-bsc/bsc_rf_ctrl.c
index f4a21b5..ac87fb9 100644
--- a/src/osmo-bsc/bsc_rf_ctrl.c
+++ b/src/osmo-bsc/bsc_rf_ctrl.c
@@ -450,8 +450,12 @@
}
local.sun_family = AF_UNIX;
- osmo_strlcpy(local.sun_path, path, sizeof(local.sun_path));
unlink(local.sun_path);
+ if (osmo_strlcpy(local.sun_path, path, sizeof(local.sun_path)) >=
sizeof(local.sun_path)) {
+ LOGP(DLINP, LOGL_ERROR, "Socket path exceeds maximum length of
%zd bytes: %s\n",
+ sizeof(local.sun_path), path);
+ return -1;
+ }
/* we use the same magic that X11 uses in Xtranssock.c for
* calculating the proper length of the sockaddr */
--
To view, visit https://gerrit.osmocom.org/11046
To unsubscribe, or for help writing mail filters, visit
https://gerrit.osmocom.org/settings
Gerrit-Project: osmo-bsc
Gerrit-Branch: master
Gerrit-MessageType: merged
Gerrit-Change-Id: I4b9ff9146068bf7f53d67c577454f32c02361b86
Gerrit-Change-Number: 11046
Gerrit-PatchSet: 2
Gerrit-Owner: Stefan Sperling <ssperl...@sysmocom.de>
Gerrit-Reviewer: Harald Welte <lafo...@gnumonks.org>
Gerrit-Reviewer: Jenkins Builder (1000002)
