From mboxrd@z Thu Jan 1 00:00:00 1970 Received: by passt.top (Postfix, from userid 1000) id 20A2B5A031E; Thu, 27 Jun 2024 22:46:41 +0200 (CEST) From: Stefano Brivio To: passt-dev@passt.top Subject: [PATCH v2 5/5] conf: Use the right maximum buffer size for c->sock_path Date: Thu, 27 Jun 2024 22:46:41 +0200 Message-ID: <20240627204641.4046184-6-sbrivio@redhat.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240627204641.4046184-1-sbrivio@redhat.com> References: <20240627204641.4046184-1-sbrivio@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-ID-Hash: MG43KBNI5U72DL2AMDLHE36EF23HC5ZY X-Message-ID-Hash: MG43KBNI5U72DL2AMDLHE36EF23HC5ZY X-MailFrom: sbrivio@passt.top X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Matej Hrica , David Gibson X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: UNIX_SOCK_MAX is the maximum number we'll append to the socket path if we generate it automatically. If it's given on the command line, it can be up to UNIX_PATH_MAX (including the terminating character) long. UNIX_SOCK_MAX happened to kind of fit because it's 100 (instead of 108). Commit ceddcac74a6e ("conf, tap: False "Buffer not null terminated" positives, CWE-170") fixed the wrong problem: the right fix for the problem at hand was actually commit cc287af173ca ("conf: Fix incorrect bounds checking for sock_path parameter"). Fixes: ceddcac74a6e ("conf, tap: False "Buffer not null terminated" positives, CWE-170") Signed-off-by: Stefano Brivio --- conf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf.c b/conf.c index 9e47e9a..3c38ceb 100644 --- a/conf.c +++ b/conf.c @@ -1398,7 +1398,7 @@ void conf(struct ctx *c, int argc, char **argv) c->foreground = 1; break; case 's': - ret = snprintf(c->sock_path, UNIX_SOCK_MAX - 1, "%s", + ret = snprintf(c->sock_path, sizeof(c->sock_path), "%s", optarg); if (ret <= 0 || ret >= (int)sizeof(c->sock_path)) die("Invalid socket path: %s", optarg); -- 2.43.0