moonchen opened a new pull request, #13356:
URL: https://github.com/apache/trafficserver/pull/13356

   #### Problem
   A unix domain socket path in `proxy.config.http.server_ports` longer than 
`sun_path` (108 bytes including the terminator) is silently truncated: 
`UnAddr`'s constructors `strncpy` into the 108-byte buffer, and an over-long 
input also leaves it unterminated (`strncpy` writes no terminator when it 
truncates). ATS then binds a listener on the wrong filesystem path — observed 
as the 107-byte truncated path plus a garbage byte in `ss -xl` — or dies at 
startup with `Could not bind or listen to port 0 ... (error: 98) Address 
already in use` when the truncated prefix happens to name an existing 
directory. Nothing tells the operator the configured path was too long. (The 
jsonrpc server already rejects an over-long socket path with a clear error; the 
traffic listener did not.)
   
   #### Fix
   - `HttpProxyPort::processOptions`: reject a unix path that cannot fit 
`sun_path`, with a Warning naming the limit, like other invalid port tokens. 
The descriptor is dropped; as with any fully-invalid descriptor, ATS falls back 
to the default port if nothing valid remains.
   - `UnAddr(const char *)` / `UnAddr(const std::string &)`: always 
null-terminate `_path`, so no future caller can produce an unterminated path 
buffer.
   
   #### Tests
   - `test_RecHttp`: a normal unix path parses; the maximum-length (107-byte) 
path parses intact; a 108-byte path is rejected with the new warning.
   - `test_ink_inet`: over-long `UnAddr` construction yields a terminated, 
truncated `_path` from both string constructors.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to