From: Vincent Bernat <vincent@bernat.im>
Date: Wed, 18 Mar 2015 14:25:36 +0000 (+0100)
Subject: priv: ensure we write exactly what will be read
X-Git-Tag: 0.7.14~16
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=004b5f944539fc74d49f90625c263109585fb52f;p=thirdparty%2Flldpd.git

priv: ensure we write exactly what will be read

When using SOCK_DGRAM/SOCK_SEQPACKET, it doesn't matter to write a bit
more since it is truncated. However, if we want to switch to
SOCK_STREAM, we must exactly write the right amount of bytes.
---

diff --git a/src/daemon/priv-linux.c b/src/daemon/priv-linux.c
index 69054cd7..cc140879 100644
--- a/src/daemon/priv-linux.c
+++ b/src/daemon/priv-linux.c
@@ -47,7 +47,7 @@ priv_open(char *file)
 	must_write(PRIV_UNPRIVILEGED, &cmd, sizeof(enum priv_cmd));
 	len = strlen(file);
 	must_write(PRIV_UNPRIVILEGED, &len, sizeof(int));
-	must_write(PRIV_UNPRIVILEGED, file, len + 1);
+	must_write(PRIV_UNPRIVILEGED, file, len);
 	priv_wait();
 	must_read(PRIV_UNPRIVILEGED, &rc, sizeof(int));
 	if (rc == -1)
@@ -64,7 +64,7 @@ priv_ethtool(char *ifname, void *ethc, size_t length)
 	must_write(PRIV_UNPRIVILEGED, &cmd, sizeof(enum priv_cmd));
 	len = strlen(ifname);
 	must_write(PRIV_UNPRIVILEGED, &len, sizeof(int));
-	must_write(PRIV_UNPRIVILEGED, ifname, len + 1);
+	must_write(PRIV_UNPRIVILEGED, ifname, len);
 	priv_wait();
 	must_read(PRIV_UNPRIVILEGED, &rc, sizeof(int));
 	if (rc != 0)
diff --git a/src/daemon/priv.c b/src/daemon/priv.c
index 00e18846..e0f35f66 100644
--- a/src/daemon/priv.c
+++ b/src/daemon/priv.c
@@ -107,7 +107,8 @@ priv_gethostname()
 	must_read(PRIV_UNPRIVILEGED, &rc, sizeof(int));
 	if ((buf = (char*)realloc(buf, rc+1)) == NULL)
 		fatal("privsep", NULL);
-	must_read(PRIV_UNPRIVILEGED, buf, rc+1);
+	must_read(PRIV_UNPRIVILEGED, buf, rc);
+	buf[rc] = '\0';
 	return buf;
 }
 
@@ -229,11 +230,11 @@ asroot_gethostname()
 #endif
                 len = strlen(un.nodename);
                 must_write(PRIV_PRIVILEGED, &len, sizeof(int));
-                must_write(PRIV_PRIVILEGED, un.nodename, len + 1);
+                must_write(PRIV_PRIVILEGED, un.nodename, len);
         } else {
                 len = strlen(res->ai_canonname);
                 must_write(PRIV_PRIVILEGED, &len, sizeof(int));
-                must_write(PRIV_PRIVILEGED, res->ai_canonname, len + 1);
+                must_write(PRIV_PRIVILEGED, res->ai_canonname, len);
 		freeaddrinfo(res);
         }
 }