[ic] vlink MINIVEND_SOCKET patch
Peter Ajamian
peter at pajamian.dhs.org
Tue May 5 18:03:28 UTC 2020
On 6/05/20 5:30 am, Peter wrote:
>>> Also, if strlen(lsocket) > sizeof(sa.sun_path), a truncated copy
>>> would end up being bunko, since it won’t refer to an actual valid
>>> path; would it be better to just check if strlen(lsocket) >
>>> sizeof(sa.sun_path) -1 and error out if so?
>>
>> Great point. No reason to proceed if the filename will be truncated.
>
> I agree, but I think we should do both, even though only one or the
> other is needed to prevent a buffer overflow both just makes doubly
> safe, and I tend to prefer to get rid of strcpy in favor of strncpy
> where I see it.
This should patch both vlink.c and vlink.pl. I still haven't tested:
--- interchange-5.12.0-rc1/dist/src/vlink.c.orig 2020-05-05
23:09:11.408139523 +1200
+++ interchange-5.12.0-rc1/dist/src/vlink.c 2020-05-06
05:58:00.769192141 +1200
@@ -37,6 +37,7 @@
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>
+#include <asm-generic/errno.h>
#ifndef ENVIRON_DECLARED
extern char** environ;
@@ -140,12 +141,20 @@
int i;
int e;
int r;
+ char *lsocket;
uid_t euid;
gid_t egid;
+ lsocket = getenv("MINIVEND_SOCKET");
+ if(lsocket == NULL) {
+ lsocket = LINK_FILE;
+ }
+
+ if(strlen(lsocket) > sizeof(sa.sun_path) - 1)
+ die(ENAMETOOLONG, "Socket file name too long");
sa.sun_family = AF_UNIX;
- strcpy(sa.sun_path, LINK_FILE);
+ strncpy(sa.sun_path, lsocket, sizeof(sa.sun_path) - 1);
#ifdef offsetof
size = (offsetof (struct sockaddr_un, sun_path) + strlen
(sa.sun_path) + 1);
#else
--- interchange-5.12.0-rc1/dist/src/vlink.pl.orig 2020-02-28
04:07:50.000000000 +1300
+++ interchange-5.12.0-rc1/dist/src/vlink.pl 2020-05-06
05:52:33.648898727 +1200
@@ -24,7 +24,7 @@
require 5.014_001;
use strict;
use Socket;
-my $LINK_FILE = '~@~INSTALLARCHLIB~@~/etc/socket';
+my $LINK_FILE = $ENV{MINIVEND_SOCKET} ||
'~@~INSTALLARCHLIB~@~/etc/socket';
#my $LINK_FILE = '~_~LINK_FILE~_~';
my $LINK_TIMEOUT = 30;
#my $LINK_TIMEOUT = ~_~LINK_TIMEOUT~_~;
Peter
More information about the interchange-users
mailing list