From: Miroslav Lichvar <mlichvar@redhat.com>
Date: Wed, 19 Aug 2015 13:52:36 +0000 (+0200)
Subject: cmdmon: fix handling of packets from unbound Unix sockets
X-Git-Tag: 2.2-pre1~78
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b7a4b84f0afd147f5c1f69f86d28163bb75cb667;p=thirdparty%2Fchrony.git

cmdmon: fix handling of packets from unbound Unix sockets

When a packet is received from an unbound Unix domain socket, recvfrom()
may return with zero addrlen.
---

diff --git a/cmdmon.c b/cmdmon.c
index 3af3d9c3..2375ff32 100644
--- a/cmdmon.c
+++ b/cmdmon.c
@@ -1558,8 +1558,11 @@ read_from_cmd_socket(void *anything)
     return;
   }
 
-  if (from_length > sizeof (where_from))
-    LOG_FATAL(LOGF_CmdMon, "Truncated source address");
+  if (from_length > sizeof (where_from) ||
+      from_length <= sizeof (where_from.sa.sa_family)) {
+    DEBUG_LOG(LOGF_CmdMon, "Read command packet without source address");
+    return;
+  }
 
   read_length = status;
 
@@ -1582,11 +1585,9 @@ read_from_cmd_socket(void *anything)
       break;
 #endif
     case IPADDR_UNSPEC:
-      /* Unix domain socket */
-      if (where_from.sa.sa_family != AF_UNIX) {
-        DEBUG_LOG(LOGF_CmdMon, "Read command packet with no address");
+      /* This should be the Unix domain socket */
+      if (where_from.sa.sa_family != AF_UNIX)
         return;
-      }
       assert(sock_fd == sock_fdu);
       localhost = 1;
       break;