make lxc_af_unix_open() safely return error on long pathnames

Signed-off-by: Dwight Engen <dwight.engen@oracle.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

make lxc_af_unix_open() safely return error on long pathnames
ddb17f1f · Dwight Engen · Stéphane Graber · 599d4252 · ddb17f1f
Unverified Commit ddb17f1f authored Apr 22, 2013 by Dwight Engen Committed by Stéphane Graber Apr 22, 2013
Hide whitespace changes
Inline Side-by-side

Showing with 13 additions and 4 deletions

af_unix.c src/lxc/af_unix.c +13 -4

No files found.
--- a/src/lxc/af_unix.c
+++ b/src/lxc/af_unix.c
@@ -36,6 +36,7 @@ lxc_log_define(lxc_af_unix, lxc);
 int lxc_af_unix_open(const char *path, int type, int flags)
 {
 	int fd;
+	size_t len;
 	struct sockaddr_un addr;
 	if (flags & O_TRUNC)
@@ -52,8 +53,16 @@ int lxc_af_unix_open(const char *path, int type, int flags)
 	addr.sun_family = AF_UNIX;
 	/* copy entire buffer in case of abstract socket */
-	memcpy(addr.sun_path, path,
+	len = sizeof(addr.sun_path);
-	       path[0]?strlen(path):sizeof(addr.sun_path));
+	if (path[0]) {
+		len = strlen(path);
+		if (len >= sizeof(addr.sun_path)) {
+			close(fd);
+			errno = ENAMETOOLONG;
+			return -1;
+		}
+	}
+	memcpy(addr.sun_path, path, len);
 	if (bind(fd, (struct sockaddr *)&addr, sizeof(addr))) {
 		int tmp = errno;
@@ -61,7 +70,7 @@ int lxc_af_unix_open(const char *path, int type, int flags)
 		errno = tmp;
 		return -1;
 	}
 	if (type == SOCK_STREAM && listen(fd, 100)) {
 		int tmp = errno;
 		close(fd);
@@ -76,7 +85,7 @@ int lxc_af_unix_close(int fd)
 {
 	struct sockaddr_un addr;
 	socklen_t addrlen = sizeof(addr);
 	if (!getsockname(fd, (struct sockaddr *)&addr, &addrlen) &&
 	    addr.sun_path[0])
 		unlink(addr.sun_path);