CA-220442: Check length of socket name before copying #202
@@ -187,6 +187,13 @@ tap_ctl_connect(const char *name, int *sfd) | |||
|
|||
memset(&saddr, 0, sizeof(saddr)); | |||
saddr.sun_family = AF_UNIX; | |||
|
|||
if (unlikely(strlen(name) > sizeof(saddr.sun_path) - 1)) { |
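Review bot: the added condition `strlen(name) > sizeof(saddr.sun_path) - 1` calls strlen() on name with no NULL check visible in this hunk, and the hunk ends at the opening brace, so the error path cannot be reviewed from these lines. Confirm that name is validated by the caller or earlier in tap_ctl_connect(), and that the branch returns an error instead of truncating. The `- 1` reserves the byte for the terminating NUL; a short comment or a named constant for the limit would say so and would let the copy that follows use the same bound.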
This line should be more readable by adding parentheses around sizeof and -1 instead of relying on operator precedence.
I do see your point in raising an error instead of truncating and keeping going.
I agree changing 'sizeof(saddr.sun_path) - 1' to '(sizeof(saddr.sun_path) - 1)' would make it a bit more readable
This is a random line taken from the Linux kernel:
if (unlikely(!bvl && (gfp_mask & __GFP_DIRECT_RECLAIM)))
I think whoever wrote the block layer knows C enough, nevertheless they felt the need to make it readable.
There is a difference between readable and understandable.
Or even pull the maximum allowed size out as a constant and use that, no parens required.
apples and oranges...
9d134bc to 04a60a4
Don't quite understand the apples and oranges comment. I am getting the commit as is, I think we spent far too much time on this one.
'struct sockaddr_un' member 'sun_path' is a fixed size, 108 byte array.
Check that 'name' is at maximum 107 characters long before copying.
Signed-off-by: Kostas Ladopoulos <konstantinos.ladopoulos@citrix.com>
04a60a4 to 4d5da89
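The length check from the commit message above, written with the limit pulled out as a named constant as suggested in the review thread. This is an added example, not the project's code: `UNIX_PATH_MAX_LEN`, `unix_addr_init` and `check_len` are hypothetical names, and the `-ENAMETOOLONG` and `-EINVAL` return values are assumptions, since the page does not show the error path.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Longest name that still leaves room for the terminating NUL.
 * Hypothetical constant, not taken from the project. */
#define UNIX_PATH_MAX_LEN (sizeof(((struct sockaddr_un *)0)->sun_path) - 1)

/* Fill *saddr for an AF_UNIX connect(). Returns 0, -EINVAL for a NULL
 * name, or -ENAMETOOLONG (assumed error value) when name does not fit.
 * Rejecting, not truncating: a cut-off path can name a different socket. */
static int unix_addr_init(struct sockaddr_un *saddr, const char *name)
{
    size_t len;

    if (name == NULL)
        return -EINVAL;
    len = strlen(name);
    if (len > UNIX_PATH_MAX_LEN)
        return -ENAMETOOLONG;
    memset(saddr, 0, sizeof(*saddr));
    saddr->sun_family = AF_UNIX;
    memcpy(saddr->sun_path, name, len); /* memset supplied the NUL */
    return 0;
}

/* Constructed input: a name of n 'a' characters, n < sizeof(name). */
static int check_len(size_t n)
{
    char name[256];
    struct sockaddr_un saddr;
    int rc;

    memset(name, 'a', n);
    name[n] = '\0';
    rc = unix_addr_init(&saddr, name);
    if (rc == 0 && strlen(saddr.sun_path) != n)
        return -EIO; /* copy lost or gained bytes */
    return rc;
}

int main(void)
{
    printf("limit:   %d\n", check_len(UNIX_PATH_MAX_LEN));
    printf("limit+1: %d\n", check_len(UNIX_PATH_MAX_LEN + 1));
    return 0;
}
```

Deriving the limit from `sizeof` keeps the boundary correct on platforms where `sun_path` is not 108 bytes.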