Verify that the path is short enough, and replace `strncpy` with `strcpy`.
Signed-off-by: Jeremy Sowden <jeremy@xxxxxxxxxx>
---
input/packet/ulogd_inppkt_UNIXSOCK.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/input/packet/ulogd_inppkt_UNIXSOCK.c b/input/packet/ulogd_inppkt_UNIXSOCK.c
index d88609f203c4..af2fbeca1f4c 100644
--- a/input/packet/ulogd_inppkt_UNIXSOCK.c
+++ b/input/packet/ulogd_inppkt_UNIXSOCK.c
@@ -475,10 +475,19 @@ static int handle_packet(struct ulogd_pluginstance *upi, struct ulogd_unixsock_p
static int _create_unix_socket(const char *unix_path)
{
int ret = -1;
- struct sockaddr_un server_sock;
+ struct sockaddr_un server_sock = { .sun_family = AF_UNIX };
int s;
struct stat st_dummy;
+ if (sizeof(server_sock.sun_path) <= strlen(unix_path)) {
+ ulogd_log(ULOGD_ERROR,
+ "ulogd2: unix socket path '%s' too long\n",
+ unix_path);
+ return -1;
+ }
+
+ strcpy(server_sock.sun_path, unix_path);
+
if (stat(unix_path, &st_dummy) == 0 && st_dummy.st_size > 0) {
ulogd_log(ULOGD_ERROR,
"ulogd2: unix socket '%s' already exists\n",
@@ -493,10 +502,6 @@ static int _create_unix_socket(const char *unix_path)
return -1;
}
- server_sock.sun_family = AF_UNIX;
- strncpy(server_sock.sun_path, unix_path, sizeof(server_sock.sun_path));
- server_sock.sun_path[sizeof(server_sock.sun_path)-1] = '\0';
-
ret = bind(s, (struct sockaddr *)&server_sock, sizeof(server_sock));
if (ret < 0) {
ulogd_log(ULOGD_ERROR,
--
2.33.0
