Hi, while working further on the changes to allow for dynamic adding/removing of backend servers we noticed a potential problem: the path given for the 'stats socket' global option may get truncated when copying it into the sockaddr_un.sun_path field.
Attached patch checks the length, and reports an error if truncation would happen. This issue was noticed by Joerg Sonnenberger <[email protected]>. Regards, -- Andreas -- Never attribute to malice that which can be adequately explained by stupidity. -- Hanlon's Razor
From 5cb754dc2e408e4eb1ca55792247cb449087f6c5 Mon Sep 17 00:00:00 2001 From: Andreas Kohn <[email protected]> Date: Wed, 19 Jan 2011 20:29:32 +0100 Subject: [PATCH] Check whether the path given for the stats socket actually fits into the sockaddr_un structure to avoid truncation. Noticed-by: Joerg Sonnenberger <[email protected]> --- src/dumpstats.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/src/dumpstats.c b/src/dumpstats.c index a45d40a..d77812e 100644 --- a/src/dumpstats.c +++ b/src/dumpstats.c @@ -164,6 +164,10 @@ static int stats_parse_global(char **args, int section_type, struct proxy *curpx return -1; } + if (strlen(args[1]) >= sizeof(su.sun_path)) { + snprintf(err, errlen, "'stats socket' path would require truncation, path must not be longer than %zu bytes", sizeof(su.sun_path)); + return -1; + } su.sun_family = AF_UNIX; strncpy(su.sun_path, args[1], sizeof(su.sun_path)); su.sun_path[sizeof(su.sun_path) - 1] = 0; -- 1.7.2.3
signature.asc
Description: This is a digitally signed message part
