author | June McEnroe <june@causal.agency> | 2019-11-20 13:39:25 -0500 |
---|---|---|
committer | June McEnroe <june@causal.agency> | 2019-11-20 13:39:25 -0500 |
commit | db43450638ae9875619ce5c5a5e821990dd68c9f (patch) | |
tree | c4cf4986e21e5a577297ef7a36a2aac08e86d0a2 | |
parent | Format milliseconds as int (diff) | |
Use strlcpy for sun_paths
My understanding is that sun_path need not be nul-terminated, but I didn't notice that SUN_LEN actually requires it.

> The length of UNIX-domain address, required by bind(2) and connect(2),
> can be calculated by the macro SUN_LEN() defined in <sys/un.h>. The
> sun_path field must be terminated by a NUL character to be used with
> SUN_LEN(), but the terminating NUL is not part of the address.

Thanks to Duncan Overbruck <mail@duncano.de> for the report.
-rw-r--r-- | dispatch.c | 2 | ||||
-rw-r--r-- | local.c | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/dispatch.c b/dispatch.c
index e80f297..d762105 100644
--- a/dispatch.c
+++ b/dispatch.c
@@ -288,7 +288,7 @@ int main(int argc, char *argv[]) {
 }
 struct sockaddr_un addr = { .sun_family = AF_UNIX };
- strncpy(addr.sun_path, name, sizeof(addr.sun_path));
+ strlcpy(addr.sun_path, name, sizeof(addr.sun_path));
 int sock = socket(PF_UNIX, SOCK_STREAM, 0);
 if (sock < 0) err(EX_OSERR, "socket");
diff --git a/local.c b/local.c
index eccd2e6..6ef452b 100644
--- a/local.c
+++ b/local.c
@@ -131,10 +131,10 @@ size_t localUnix(int fds[], size_t cap, const char *path) {
 if (sock < 0) err(EX_OSERR, "socket");
 struct sockaddr_un addr = { .sun_family = AF_UNIX };
- if (strlen(path) > sizeof(addr.sun_path)) {
+ size_t len = strlcpy(addr.sun_path, path, sizeof(addr.sun_path));
+ if (len >= sizeof(addr.sun_path)) {
 errx(EX_CONFIG, "path too long: %s", path);
 }
- strncpy(addr.sun_path, path, sizeof(addr.sun_path));
 int error = bind(sock, (struct sockaddr *)&addr, SUN_LEN(&addr));
 if (error) err(EX_UNAVAILABLE, "%s", path);
|
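Review bot: In the dispatch.c hunk the return value of `strlcpy(addr.sun_path, name, sizeof(addr.sun_path));` is discarded, so a `name` that does not fit is silently truncated and the address names a shorter path than the one requested. The local.c hunk of this same commit rejects that case, and mirroring it here would stop the program from using an unintended socket path: `size_t len = strlcpy(addr.sun_path, name, sizeof(addr.sun_path));` followed by `if (len >= sizeof(addr.sun_path)) errx(EX_CONFIG, "path too long: %s", name);`. The exit code is borrowed from local.c and may need adjusting for dispatch.c. Where `name` comes from and how `addr` is used afterwards are outside the hunk, since `main` starts before it and continues past it.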
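Review bot: In the local.c hunk the reason for `>=` in `if (len >= sizeof(addr.sun_path))` is recorded only in the commit message, so a later edit could relax it back to `>` and reintroduce an unterminated `sun_path` passed to `SUN_LEN`. A one-line comment above the `strlcpy` call would pin it, for example `// SUN_LEN() needs sun_path NUL-terminated, so a path that fills the buffer is too long.` Separately, `strlcpy` is not provided by every libc (glibc only gained it in 2.38), and whether the build supplies a fallback is not visible here; the same applies to the dispatch.c call. `localUnix` begins before this hunk and continues past it.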