From: Lennart Poettering <lennart@poettering.net>
Date: Mon, 15 Oct 2018 16:17:57 +0000 (+0200)
Subject: sd-bus: make parsing of AF_UNIX socket addresses more strict
X-Git-Tag: v240~538^2~8
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=1d261418e280a7918549d638d574fbea08cf79a9;p=thirdparty%2Fsystemd.git

sd-bus: make parsing of AF_UNIX socket addresses more strict

Insist on NUL termination, just to be safe rather than sorry. The kernel
doesn't require it, but it's really annoying if people rely on this,
hence refuse this early.
---

diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
index 7868e53fb62..d6c00951613 100644
--- a/src/libsystemd/sd-bus/sd-bus.c
+++ b/src/libsystemd/sd-bus/sd-bus.c
@@ -730,7 +730,7 @@ static int parse_unix_address(sd_bus *b, const char **p, char **guid) {
 
         if (path) {
                 l = strlen(path);
-                if (l > sizeof(b->sockaddr.un.sun_path))
+                if (l >= sizeof(b->sockaddr.un.sun_path)) /* We insist on NUL termination */
                         return -E2BIG;
 
                 b->sockaddr.un.sun_family = AF_UNIX;
@@ -738,7 +738,7 @@ static int parse_unix_address(sd_bus *b, const char **p, char **guid) {
                 b->sockaddr_size = offsetof(struct sockaddr_un, sun_path) + l;
         } else if (abstract) {
                 l = strlen(abstract);
-                if (l > sizeof(b->sockaddr.un.sun_path) - 1)
+                if (l >= sizeof(b->sockaddr.un.sun_path) - 1) /* We insist on NUL termination */
                         return -E2BIG;
 
                 b->sockaddr.un.sun_family = AF_UNIX;