Unix.getsockname and unnamed PF_UNIX sockets #7039
Comments
|
Comment author: @xavierleroy Fixed in trunk, commit ed0a785. In the problematic case, we just return ADDR_UNIX "" (empty string as path name). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Original bug ID: 7039
Reporter: @xavierleroy
Status: closed (set by @xavierleroy on 2017-02-16T14:14:36Z)
Resolution: fixed
Priority: normal
Severity: minor
Platform: x86-64
OS: Linux
Version: 4.02.3
Target version: 4.03.0+dev / +beta1
Fixed in version: 4.03.0+dev / +beta1
Category: otherlibs
Bug description
When applied to an unnamed socket of the PF_UNIX family, Unix.getsockname returns ADDR_UNIX of a string containing random junk. This is because the sun_path field of the sockaddr_un structure is not initialized in the case of an unnamed socket. Reading a zero-terminated string off of sun_path, then, produces garbage and could cause a memory fault (if no zero byte is found nearby).
Steps to reproduce
See attached repro.
File attachments
The text was updated successfully, but these errors were encountered: