Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unix.getsockname and unnamed PF_UNIX sockets #7039

vicuna opened this issue Nov 11, 2015 · 1 comment

Unix.getsockname and unnamed PF_UNIX sockets #7039

vicuna opened this issue Nov 11, 2015 · 1 comment


Copy link

@vicuna vicuna commented Nov 11, 2015

Original bug ID: 7039
Reporter: @xavierleroy
Status: closed (set by @xavierleroy on 2017-02-16T14:14:36Z)
Resolution: fixed
Priority: normal
Severity: minor
Platform: x86-64
OS: Linux
Version: 4.02.3
Target version: 4.03.0+dev / +beta1
Fixed in version: 4.03.0+dev / +beta1
Category: otherlibs

Bug description

When applied to an unnamed socket of the PF_UNIX family, Unix.getsockname returns ADDR_UNIX of a string containing random junk. This is because the sun_path field of the sockaddr_un structure is not initialized in the case of an unnamed socket. Reading a zero-terminated string off of sun_path, then, produces garbage and could cause a memory fault (if no zero byte is found nearby).

Steps to reproduce

See attached repro.

File attachments

Copy link

@vicuna vicuna commented Nov 11, 2015

Comment author: @xavierleroy

Fixed in trunk, commit ed0a785. In the problematic case, we just return ADDR_UNIX "" (empty string as path name).

@vicuna vicuna closed this as completed Feb 16, 2017
@vicuna vicuna added this to the 4.03.0 milestone Mar 14, 2019
@vicuna vicuna added the bug label Mar 20, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

No branches or pull requests

1 participant