> On Jan 4, 2017, at 22:29, Ngie Cooper <yaneurab...@gmail.com> wrote:
> 
> 
>> On Jan 4, 2017, at 15:45, Juli Mallett <j...@clockworksquid.com> wrote:
>> 
>>> On Wed, Jan 4, 2017 at 3:36 PM, Jilles Tjoelker <jil...@stack.nl> wrote:
>>>> On Wed, Jan 04, 2017 at 02:46:36AM +0000, Ngie Cooper wrote:
>>>> - Initialize .sun_len before passing it to strlcpy and bind.
>>> It would be better to avoid naming the non-portable sun_len field if it
>>> is just to make Coverity happy. I suggest initializing the structure
>>> with designated initializers or memset().
>>> 
>>> Apart from that, the value for sun_len is wrong; it should be the length
>>> of the whole structure and not just the sun_path part. Fortunately, the
>>> field is ignored by bind(), which uses the addrlen parameter instead.
> 
> The problem was the strcpy and the fact that the code didn't check the input 
> buffer to make sure it didn't overrun the destination buffer.

Bah.. I misremembered the fact that it was using strlcpy before and after…
-Ngie
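
An added example, not code from the commit under discussion: one way to set up a `sockaddr_un` along the lines suggested in the quoted review. It zeroes the structure with memset() rather than naming `sun_len`, rejects a path that does not fit in `sun_path`, and passes the size of the whole structure as the addrlen argument to bind(). The function names `unix_addr_init` and `unix_bind` are hypothetical.

```c
#include <errno.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/*
 * Hypothetical helper: fill *sun for `path`.
 * Returns 0 on success, or -1 with errno = ENAMETOOLONG when the path
 * (plus its terminating NUL) does not fit in sun_path.
 */
int
unix_addr_init(struct sockaddr_un *sun, const char *path)
{
	size_t len = strlen(path);

	/* Check the input length before copying anything. */
	if (len >= sizeof(sun->sun_path)) {
		errno = ENAMETOOLONG;
		return (-1);
	}
	/* Zero every field, including sun_len where it exists, without naming it. */
	memset(sun, 0, sizeof(*sun));
	sun->sun_family = AF_UNIX;
	memcpy(sun->sun_path, path, len + 1);
	return (0);
}

/* Hypothetical helper: create a stream socket bound to `path`; returns fd or -1. */
int
unix_bind(const char *path)
{
	struct sockaddr_un sun;
	int fd;

	if (unix_addr_init(&sun, path) != 0)
		return (-1);
	if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
		return (-1);
	/* bind() takes the address length from this argument. */
	if (bind(fd, (struct sockaddr *)&sun, sizeof(sun)) != 0) {
		close(fd);
		return (-1);
	}
	return (fd);
}
```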
