From 1c13486bd6c28e51a2a028d1d0f7d1cbe40eb1df Mon Sep 17 00:00:00 2001 From: Gerhard Rieger Date: Sun, 22 Jul 2012 16:42:37 +0200 Subject: [PATCH] unnamed unix domain socket could generate invalid log output or lead to a process crash --- CHANGES | 4 ++++ sysutils.c | 14 +++++++++----- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/CHANGES b/CHANGES index 5dedd5f..85a925b 100644 --- a/CHANGES +++ b/CHANGES @@ -53,6 +53,10 @@ corrections: socat option -x did not print packet direction, timestamp etc; thanks to Anthony Sharobaiko for sending a patch + Marcus Meissner provided a patch that fixes invalid output and possible + process crash when socat prints info about an unnamed unix domain + socket + docu mentions option so-bindtodev but correct name is so-bindtodevice. Thanks to Jim Zimmerman for reporting. diff --git a/sysutils.c b/sysutils.c index e7489fb..87c0079 100644 --- a/sysutils.c +++ b/sysutils.c @@ -1,5 +1,5 @@ /* source: sysutils.c */ -/* Copyright Gerhard Rieger 2001-2008 */ +/* Copyright Gerhard Rieger 2001-2012 */ /* Published under the GNU General Public License V.2, see file COPYING */ /* translate socket addresses into human readable form */ @@ -215,10 +215,14 @@ char *sockaddr_unix_info(const struct sockaddr_un *sa, socklen_t salen, char *bu } else #endif /* WITH_ABSTRACT_UNIXSOCKET */ { - nextc = - sanitize_string(sa->sun_path, - MIN(UNIX_PATH_MAX, strlen(sa->sun_path)), - ubuff, XIOSAN_DEFAULT_BACKSLASH_OCT_3); + if (salen <= XIOUNIXSOCKOVERHEAD) { + nextc = sanitize_string ("", MIN(UNIX_PATH_MAX, strlen("")), + ubuff, XIOSAN_DEFAULT_BACKSLASH_OCT_3); + } else { + nextc = sanitize_string(sa->sun_path, + MIN(UNIX_PATH_MAX, strlen(sa->sun_path)), + ubuff, XIOSAN_DEFAULT_BACKSLASH_OCT_3); + } *nextc = '\0'; strncpy(buff, ubuff, blen); }