The vhost-user-bridge binary accepts a UNIX socket path on the command line. Sanity check that this is short enough to fit into a sockaddr_un before copying it in.
Fixes: Coverity CID 1432866 Signed-off-by: Peter Maydell <peter.mayd...@linaro.org> --- tests/vhost-user-bridge.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tests/vhost-user-bridge.c b/tests/vhost-user-bridge.c index 24815920b2b..cb009545fa5 100644 --- a/tests/vhost-user-bridge.c +++ b/tests/vhost-user-bridge.c @@ -540,6 +540,11 @@ vubr_new(const char *path, bool client) CallbackFunc cb; size_t len; + if (strlen(path) >= sizeof(un.sun_path)) { + fprintf(stderr, "unix domain socket path '%s' is too long\n", path); + exit(1); + } + /* Get a UNIX socket. */ dev->sock = socket(AF_UNIX, SOCK_STREAM, 0); if (dev->sock == -1) { -- 2.20.1