> On Jan 4, 2017, at 15:45, Juli Mallett <j...@clockworksquid.com> wrote: > >> On Wed, Jan 4, 2017 at 3:36 PM, Jilles Tjoelker <jil...@stack.nl> wrote: >>> On Wed, Jan 04, 2017 at 02:46:36AM +0000, Ngie Cooper wrote: >>> - Initialize .sun_len before passing it to strlcpy and bind. >> It would be better to avoid naming the non-portable sun_len field if it >> is just to make Coverity happy. I suggest initializing the structure >> with designated initializers or memset(). >> >> Apart from that, the value for sun_len is wrong; it should be the length >> of the whole structure and not just the sun_path part. Fortunately, the >> field is ignored by bind(), which uses the addrlen parameter instead.
The problem was the strcpy and the fact that the code didn't check the input buffer to make sure it didn't overrun the destination buffer. > This is incorrect, too. It's the length of the sockaddr_un header > plus the actual length of the pathname, not the available size of the > path field. It's kind of awful that it's inconsistent with the other > sockaddr types, but that's the fun of sockaddr_un, to accommodate the > fact that the path name is naturally a variable-length field. In > fact, the calculation here seems to be wrong, also; we have the > SUN_LEN macro in <sys/un.h> for a reason, and it's what the unix(4) > manpage suggests. Of course, sun_len is sort of needlessly obscure > and in general it's best for us to fix anything which requires the > _len fields to be accurate, and to just ignore them :( Ack.. thanks for the reminder :/.. I'll fix this soon :(. -Ngie _______________________________________________ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
