quark

quark web server
git clone git://git.suckless.org/quark
Log | Files | Refs | LICENSE

commit bdff59a5f645a0b79f0a116d313d13f7ed9603ec
parent d5a6e978b9a12d0719aff8ae3474e8991dd2f97b
Author: Laslo Hunhold <dev@frign.de>
Date:   Tue,  4 Jul 2017 22:44:47 +0200

Check for UNIX-doman socket name truncation

Diffstat:
quark.c | 7++++++-
1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/quark.c b/quark.c @@ -841,6 +841,7 @@ static int getusock(char *udsname) { struct sockaddr_un addr; + size_t udsnamelen; int insock; if ((insock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) { @@ -849,7 +850,11 @@ getusock(char *udsname) memset(&addr, 0, sizeof(addr)); addr.sun_family = AF_UNIX; - strncpy(addr.sun_path, udsname, sizeof(addr.sun_path) - 1); + + if ((udsnamelen = strlen(udsname)) > sizeof(addr.sun_path) - 1) { + die("%s: UNIX-domain socket name truncated\n", argv0); + } + memcpy(addr.sun_path, udsname, udsnamelen + 1); unlink(udsname);