Coverity says:
You might overrun the 108 byte fixed-size string "addr.sun_path" by
copying "unixsock" without checking the lenght.
Note: This detect has an elevated risk because the source argument is a
paramenter of the current function.
---
src/virt-viewer-app.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/virt-viewer-app.c b/src/virt-viewer-app.c
index d762699..f53a6f8 100644
--- a/src/virt-viewer-app.c
+++ b/src/virt-viewer-app.c
@@ -705,6 +705,11 @@ virt_viewer_app_open_unix_sock(const char *unixsock)
struct sockaddr_un addr;
int fd;
+ if (strlen(unixsock) + 1 > sizeof(addr.sun_path)) {
+ g_warning ("address is too long for unix socket_path: %s", unixsock);
+ return -1;
+ }
+
memset(&addr, 0, sizeof addr);
addr.sun_family = AF_UNIX;
strcpy(addr.sun_path, unixsock);
--
2.4.3
_______________________________________________
virt-tools-list mailing list
virt-tools-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/virt-tools-list
