From db43450638ae9875619ce5c5a5e821990dd68c9f Mon Sep 17 00:00:00 2001 From: "C. McEnroe" Date: Wed, 20 Nov 2019 13:39:25 -0500 Subject: Use strlcpy for sun_paths My understanding is that sun_path need not be nul-terminated, but I didn't notice that SUN_LEN actually requires it. > The length of UNIX-domain address, required by bind(2) and connect(2), > can be calculated by the macro SUN_LEN() defined in . The > sun_path field must be terminated by a NUL character to be used with > SUN_LEN(), but the terminating NUL is not part of the address. Thanks to Duncan Overbruck for the report. --- dispatch.c | 2 +- local.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/dispatch.c b/dispatch.c index e80f297..d762105 100644 --- a/dispatch.c +++ b/dispatch.c @@ -288,7 +288,7 @@ int main(int argc, char *argv[]) { } struct sockaddr_un addr = { .sun_family = AF_UNIX }; - strncpy(addr.sun_path, name, sizeof(addr.sun_path)); + strlcpy(addr.sun_path, name, sizeof(addr.sun_path)); int sock = socket(PF_UNIX, SOCK_STREAM, 0); if (sock < 0) err(EX_OSERR, "socket"); diff --git a/local.c b/local.c index eccd2e6..6ef452b 100644 --- a/local.c +++ b/local.c @@ -131,10 +131,10 @@ size_t localUnix(int fds[], size_t cap, const char *path) { if (sock < 0) err(EX_OSERR, "socket"); struct sockaddr_un addr = { .sun_family = AF_UNIX }; - if (strlen(path) > sizeof(addr.sun_path)) { + size_t len = strlcpy(addr.sun_path, path, sizeof(addr.sun_path)); + if (len >= sizeof(addr.sun_path)) { errx(EX_CONFIG, "path too long: %s", path); } - strncpy(addr.sun_path, path, sizeof(addr.sun_path)); int error = bind(sock, (struct sockaddr *)&addr, SUN_LEN(&addr)); if (error) err(EX_UNAVAILABLE, "%s", path); -- cgit 1.4.1