From: Oto Šťáva <oto.stava@nic.cz>
Date: Wed, 4 May 2022 05:55:32 +0000 (+0200)
Subject: lib/utils: check for unix socket paths null-termination
X-Git-Tag: v5.5.1~15^2~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=51359b76c7c7bc4d736d5c8167c859f74a2fbece;p=thirdparty%2Fknot-resolver.git

lib/utils: check for unix socket paths null-termination
---

diff --git a/lib/utils.c b/lib/utils.c
index b43d80aa7..f6f5f4408 100644
--- a/lib/utils.c
+++ b/lib/utils.c
@@ -336,10 +336,20 @@ ssize_t kr_sockaddr_key(struct kr_sockaddr_key_storage *dst,
 		const struct sockaddr_un *addr_un = (const struct sockaddr_un *) addr;
 		struct kr_sockaddr_un_key *unkey = (struct kr_sockaddr_un_key *) dst;
 		unkey->family = AF_UNIX;
-		strncpy(unkey->path, addr_un->sun_path, sizeof(unkey->path));
-		size_t pathlen = strnlen(unkey->path, sizeof(unkey->path));
-		if (pathlen < sizeof(unkey->path)) /* Include null-terminator */
-			pathlen += 1;
+		size_t pathlen = strnlen(addr_un->sun_path, sizeof(unkey->path));
+		if (pathlen == 0 || pathlen >= sizeof(unkey->path)) {
+			/* Abstract sockets are not supported - we would need
+			 * to also supply a length value for the abstract
+			 * pathname.
+			 *
+			 * UNIX socket path should be null-terminated.
+			 *
+			 * See unix(7). */
+			return kr_error(EINVAL);
+		}
+
+		pathlen += 1; /* Include null-terminator */
+		strncpy(unkey->path, addr_un->sun_path, pathlen);
 		return offsetof(struct kr_sockaddr_un_key, path) + pathlen;
 
 	default: