UNIX_MAX_PATH wrong assumption in konf/net/net.c

Question

UNIX_MAX_PATH wrong assumption in konf/net/net.c

GoogleCodeExporter opened this issue 9 years ago · comments

Google Code Exporter commented 9 years ago

Hi,

In konf/net/net.c, UNIX_MAX_PATH is defined as 108, which on FreeBSD should be 
104.
It appears that other projects have had similar issues, for example lighttpd:
http://redmine.lighttpd.net/issues/713

Defining UNIX_MAX_PATH as 108 could lead to buffer overflow even on Linux, 
should the developers decide to change the size of the char[] this refers to 
(it does cause issues on FreeBSD).

The best way seems to be to use sizeof on the sun_path member of the 
sockaddr_un struct (as in the patch).

I've tested both on FreeBSD and on Linux and klish compiles cleanly with the 
patch.

Best wishes,
Stanislav

Original issue reported on code.google.com by stanisla...@smartcom.bg on 3 Apr 2013 at 4:32

Attachments:

konf_net.diff

Google Code Exporter · Answer 1 · Thu Aug 27 2015 18:44:52 GMT+0800 (China Standard Time)

Fixed. Thanks!
Now klish doesn't use UNIX_PATH_MAX at all. It uses sizeof(). The two 
utilities: konf and konfd were fixed.

Original comment by serj.kalichev@gmail.com on 3 Apr 2013 at 5:33

Changed state: Fixed