From db43450638ae9875619ce5c5a5e821990dd68c9f Mon Sep 17 00:00:00 2001
From: "C. McEnroe" <june@causal.agency>
Date: Wed, 20 Nov 2019 13:39:25 -0500
Subject: Use strlcpy for sun_paths

My understanding is that sun_path need not be nul-terminated, but I
didn't notice that SUN_LEN actually requires it.

> The length of UNIX-domain address, required by bind(2) and connect(2),
> can be calculated by the macro SUN_LEN() defined in <sys/un.h>.  The
> sun_path field must be terminated by a NUL character to be used with
> SUN_LEN(), but the terminating NUL is not part of the address.

Thanks to Duncan Overbruck <mail@duncano.de> for the report.
---
 local.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'local.c')

diff --git a/local.c b/local.c
index eccd2e6..6ef452b 100644
--- a/local.c
+++ b/local.c
@@ -131,10 +131,10 @@ size_t localUnix(int fds[], size_t cap, const char *path) {
 	if (sock < 0) err(EX_OSERR, "socket");
 
 	struct sockaddr_un addr = { .sun_family = AF_UNIX };
-	if (strlen(path) > sizeof(addr.sun_path)) {
+	size_t len = strlcpy(addr.sun_path, path, sizeof(addr.sun_path));
+	if (len >= sizeof(addr.sun_path)) {
 		errx(EX_CONFIG, "path too long: %s", path);
 	}
-	strncpy(addr.sun_path, path, sizeof(addr.sun_path));
 
 	int error = bind(sock, (struct sockaddr *)&addr, SUN_LEN(&addr));
 	if (error) err(EX_UNAVAILABLE, "%s", path);
-- 
cgit 1.4.1