Applied in r1602989.
On Fri, Jun 13, 2014 at 1:45 AM, Yann Ylavic <[email protected]> wrote: > On Fri, Jun 13, 2014 at 1:20 AM, Yann Ylavic <[email protected]> wrote: >> On Fri, Jun 13, 2014 at 1:09 AM, Yann Ylavic <[email protected]> wrote: >>> On Fri, Jun 13, 2014 at 12:32 AM, Yann Ylavic <[email protected]> wrote: >>>> The most important imho is to not truncate the length at sizeof(struct >>>> sockaddr_un) when the real sun_path is beyond sizeof(sun_path). >>>> The libc calls are probably bullet proof regarding NUL termination >>>> (eg. force ((char*)sun)[addrlen] = 0 and recompute the length like in >>>> the linux code from your link above), setting the NUL ourself at the >>>> good place seems reasonable though ;) >>> >>> Hence I think the correct behaviour is in mod_cgid, and something like >>> the following patch should be applied : >> >> This one is better : > > Well, finally, how about this one (the full monty, attached)?
