haraldwolff/qemu-patch-raspberry4
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

virtfs-proxy: Fix possible overflow

Browse source 
It's detected by coverity. The socket name specified
should fit in the sockadd_un.sun_path. If not abort.

Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
This commit is contained in:
Shannon Zhao 2015-03-14 10:00:16 +08:00 committed by Aneesh Kumar K.V
parent 821c447675
commit 25ee9a7fa3
2 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
fsdev/virtfs-proxy-helper.c
View file

@ -738,6 +738,7 @@ static int proxy_socket(const char *path, uid_t uid, gid_t gid)
return -1;
}
g_assert(strlen(path) < sizeof(proxy.sun_path));
sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (sock < 0) {
do_perror("socket");

4
hw/9pfs/virtio-9p-proxy.c
View file

@ -1100,6 +1100,10 @@ static int connect_namedsocket(const char *path)
int sockfd, size;
struct sockaddr_un helper;
if (strlen(path) >= sizeof(helper.sun_path)) {
fprintf(stderr, "Socket name too large\n");
return -1;
}
sockfd = socket(AF_UNIX, SOCK_STREAM, 0);
if (sockfd < 0) {
fprintf(stderr, "failed to create socket: %s\n", strerror(errno));