Change in osmo-bsc[master]: check for overlong unix socket paths
Harald Welte has submitted this change and it was merged. ( https://gerrit.osmocom.org/11046 ) Change subject: check for overlong unix socket paths .. check for overlong unix socket paths In rf_create_socket(), check the result of osmo_strlcpy(). This catches overlong and non-NUL-terminated socket paths. Change-Id: I4b9ff9146068bf7f53d67c577454f32c02361b86 Related: OS#2673 --- M src/osmo-bsc/bsc_rf_ctrl.c 1 file changed, 5 insertions(+), 1 deletion(-) Approvals: Harald Welte: Looks good to me, approved Jenkins Builder: Verified diff --git a/src/osmo-bsc/bsc_rf_ctrl.c b/src/osmo-bsc/bsc_rf_ctrl.c index f4a21b5..ac87fb9 100644 --- a/src/osmo-bsc/bsc_rf_ctrl.c +++ b/src/osmo-bsc/bsc_rf_ctrl.c @@ -450,8 +450,12 @@ } local.sun_family = AF_UNIX; - osmo_strlcpy(local.sun_path, path, sizeof(local.sun_path)); unlink(local.sun_path); + if (osmo_strlcpy(local.sun_path, path, sizeof(local.sun_path)) >= sizeof(local.sun_path)) { + LOGP(DLINP, LOGL_ERROR, "Socket path exceeds maximum length of %zd bytes: %s\n", +sizeof(local.sun_path), path); + return -1; + } /* we use the same magic that X11 uses in Xtranssock.c for * calculating the proper length of the sockaddr */ -- To view, visit https://gerrit.osmocom.org/11046 To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-bsc Gerrit-Branch: master Gerrit-MessageType: merged Gerrit-Change-Id: I4b9ff9146068bf7f53d67c577454f32c02361b86 Gerrit-Change-Number: 11046 Gerrit-PatchSet: 2 Gerrit-Owner: Stefan Sperling Gerrit-Reviewer: Harald Welte Gerrit-Reviewer: Jenkins Builder (102)
Change in osmo-bsc[master]: check for overlong unix socket paths
Harald Welte has posted comments on this change. ( https://gerrit.osmocom.org/11046 ) Change subject: check for overlong unix socket paths .. Patch Set 1: Code-Review+2 -- To view, visit https://gerrit.osmocom.org/11046 To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-bsc Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I4b9ff9146068bf7f53d67c577454f32c02361b86 Gerrit-Change-Number: 11046 Gerrit-PatchSet: 1 Gerrit-Owner: Stefan Sperling Gerrit-Reviewer: Harald Welte Gerrit-Reviewer: Jenkins Builder (102) Gerrit-Comment-Date: Fri, 21 Sep 2018 08:19:26 + Gerrit-HasComments: No Gerrit-HasLabels: Yes
Change in osmo-bsc[master]: check for overlong unix socket paths
Stefan Sperling has uploaded this change for review. ( https://gerrit.osmocom.org/11046 Change subject: check for overlong unix socket paths .. check for overlong unix socket paths In rf_create_socket(), check the result of osmo_strlcpy(). This catches overlong and non-NUL-terminated socket paths. Change-Id: I4b9ff9146068bf7f53d67c577454f32c02361b86 Related: OS#2673 --- M src/osmo-bsc/bsc_rf_ctrl.c 1 file changed, 5 insertions(+), 1 deletion(-) git pull ssh://gerrit.osmocom.org:29418/osmo-bsc refs/changes/46/11046/1 diff --git a/src/osmo-bsc/bsc_rf_ctrl.c b/src/osmo-bsc/bsc_rf_ctrl.c index f4a21b5..ac87fb9 100644 --- a/src/osmo-bsc/bsc_rf_ctrl.c +++ b/src/osmo-bsc/bsc_rf_ctrl.c @@ -450,8 +450,12 @@ } local.sun_family = AF_UNIX; - osmo_strlcpy(local.sun_path, path, sizeof(local.sun_path)); unlink(local.sun_path); + if (osmo_strlcpy(local.sun_path, path, sizeof(local.sun_path)) >= sizeof(local.sun_path)) { + LOGP(DLINP, LOGL_ERROR, "Socket path exceeds maximum length of %zd bytes: %s\n", +sizeof(local.sun_path), path); + return -1; + } /* we use the same magic that X11 uses in Xtranssock.c for * calculating the proper length of the sockaddr */ -- To view, visit https://gerrit.osmocom.org/11046 To unsubscribe, or for help writing mail filters, visit https://gerrit.osmocom.org/settings Gerrit-Project: osmo-bsc Gerrit-Branch: master Gerrit-MessageType: newchange Gerrit-Change-Id: I4b9ff9146068bf7f53d67c577454f32c02361b86 Gerrit-Change-Number: 11046 Gerrit-PatchSet: 1 Gerrit-Owner: Stefan Sperling