moonchen opened a new pull request, #13356: URL: https://github.com/apache/trafficserver/pull/13356
#### Problem A unix domain socket path in `proxy.config.http.server_ports` longer than `sun_path` (108 bytes including the terminator) is silently truncated: `UnAddr`'s constructors `strncpy` into the 108-byte buffer, and an over-long input also leaves it unterminated (`strncpy` writes no terminator when it truncates). ATS then binds a listener on the wrong filesystem path — observed as the 107-byte truncated path plus a garbage byte in `ss -xl` — or dies at startup with `Could not bind or listen to port 0 ... (error: 98) Address already in use` when the truncated prefix happens to name an existing directory. Nothing tells the operator the configured path was too long. (The jsonrpc server already rejects an over-long socket path with a clear error; the traffic listener did not.) #### Fix - `HttpProxyPort::processOptions`: reject a unix path that cannot fit `sun_path`, with a Warning naming the limit, like other invalid port tokens. The descriptor is dropped; as with any fully-invalid descriptor, ATS falls back to the default port if nothing valid remains. - `UnAddr(const char *)` / `UnAddr(const std::string &)`: always null-terminate `_path`, so no future caller can produce an unterminated path buffer. #### Tests - `test_RecHttp`: a normal unix path parses; the maximum-length (107-byte) path parses intact; a 108-byte path is rejected with the new warning. - `test_ink_inet`: over-long `UnAddr` construction yields a terminated, truncated `_path` from both string constructors. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
