RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-13 23:14:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

BUG/MINOR: unix: better catch situations where the unix socket path length is close to the limit

Browse Source 
We do have some checks for the UNIX socket path length to validate the
full pathname of a unix socket but the pathname extension is only taken
into account when using a bind_prefix. The second check only matches
against MAXPATHLEN. So this means that path names between 98 and 108
might successfully parse but fail to bind. Let's adjust the check in
the address parser and refine the error checking at the bind() step.

This addresses bug #493.
This commit is contained in:
Willy Tarreau 2020-02-11 06:43:37 +01:00
parent 508f989758
commit 327ea5aec8
2 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/proto_uxst.c
View File

@ -187,6 +187,7 @@ static int uxst_bind_listener(struct listener *listener, char *errmsg, int errle
struct sockaddr_un addr;
const char *msg = NULL;
const char *path;
int maxpathlen;
int ext, ready;
socklen_t ready_len;
int err;
@ -205,6 +206,8 @@ static int uxst_bind_listener(struct listener *listener, char *errmsg, int errle
listener->fd = uxst_find_compatible_fd(listener);
path = ((struct sockaddr_un *)&listener->addr)->sun_path;
maxpathlen = MIN(MAXPATHLEN, sizeof(addr.sun_path));
/* if the listener already has an fd assigned, then we were offered the
* fd by an external process (most likely the parent), and we don't want
* to create a new socket. However we still want to set a few flags on
@ -216,17 +219,17 @@ static int uxst_bind_listener(struct listener *listener, char *errmsg, int errle
goto fd_ready;
if (path[0]) {
ret = snprintf(tempname, MAXPATHLEN, "%s.%d.tmp", path, pid);
if (ret < 0 || ret >= MAXPATHLEN) {
ret = snprintf(tempname, maxpathlen, "%s.%d.tmp", path, pid);
if (ret < 0 || ret >= maxpathlen) {
err |= ERR_FATAL | ERR_ALERT;
msg = "name too long for UNIX socket";
msg = "name too long for UNIX socket (limit usually 97)";
goto err_return;
}
ret = snprintf(backname, MAXPATHLEN, "%s.%d.bak", path, pid);
if (ret < 0 || ret >= MAXPATHLEN) {
ret = snprintf(backname, maxpathlen, "%s.%d.bak", path, pid);
if (ret < 0 || ret >= maxpathlen) {
err |= ERR_FATAL | ERR_ALERT;
msg = "name too long for UNIX socket";
msg = "name too long for UNIX socket (limit usually 97)";
goto err_return;
}

2
src/standard.c
View File

@ -938,7 +938,7 @@ struct sockaddr_storage *str2sa_range(const char *str, int *port, int *low, int
*/
prefix_path_len = (pfx && !abstract) ? strlen(pfx) : 0;
max_path_len = (sizeof(un->sun_path) - 1) -
(prefix_path_len ? prefix_path_len + 1 + 5 + 1 + 3 : 0);
(abstract ? 0 : prefix_path_len + 1 + 5 + 1 + 3);
adr_len = strlen(str2);
if (adr_len > max_path_len) {