From nobody Tue Feb 10 05:41:55 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1628168117; cv=none; d=zohomail.com; s=zohoarc; b=h2LiFV5DJquv90TQupmV5DPUpZFgqL56O8r7UbgyBrlBw3bz6PwOVr1kXikYh0EAkTbjTxGzIvB7Vgpu2HK7WP9GLcxkpI7yLfjR3dK8t46HVcuR3dqCH4Vii2V+mmrEtqnxRDJp9KqFkNCj4cmqRkB2Cxbh7ML59xjEH86o6hk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1628168117; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=WKh8TTwmBc10mvb7az/NZqnTmPQDHByAnQPq5GnrTLg=; b=SS/tQYZayQgbyNwZz1/0TwJRdv1T1frf8IUhtQP5LT33B4bOv4T3uKvp3DEwVLTgUOCQwRJTDDlZOs2Z+sIu4gIk0yn/yKl+aS0uDHOkZIqjgIw68oFRuCsQLA2amKcu3nHg3Kca03tJgBRNvOMqqd6CruMVY0x/rnbMwVsspFA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 162816811750564.84344226129303; Thu, 5 Aug 2021 05:55:17 -0700 (PDT) Received: from localhost ([::1]:41936 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mBcu4-0005Jk-CM for importer@patchew.org; Thu, 05 Aug 2021 08:55:16 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:58644) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mBcsk-00037C-Ne for qemu-devel@nongnu.org; Thu, 05 Aug 2021 08:53:54 -0400 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]:33736) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mBcsj-0003mq-5M for qemu-devel@nongnu.org; Thu, 05 Aug 2021 08:53:54 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-578-zpTC6HwDMk6K6DWbEF0xCw-1; Thu, 05 Aug 2021 08:53:48 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id C9271801B3D; Thu, 5 Aug 2021 12:53:47 +0000 (UTC) Received: from localhost (unknown [10.39.208.3]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4A2BE1036D2E; Thu, 5 Aug 2021 12:53:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1628168031; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WKh8TTwmBc10mvb7az/NZqnTmPQDHByAnQPq5GnrTLg=; b=fCU86vob2W1Y1OBtLspsO4tMg7mA4HYaV5URchHsnK/JrXJ8L2BfcK/+dh6eImwZiWkYia 1bQ99LxzririUOtEquyaEoMm90mvM3Cglyxbx9Rg6CleEyALlOjE9JfoNbhEoVKVJa/rXO Cd1rxV+UulCxb4LbwUIINkzsfmM7h18= X-MC-Unique: zpTC6HwDMk6K6DWbEF0xCw-1 From: marcandre.lureau@redhat.com To: qemu-devel@nongnu.org Subject: [PULL 1/8] util: fix abstract socket path copy Date: Thu, 5 Aug 2021 16:53:24 +0400 Message-Id: <20210805125331.826741-2-marcandre.lureau@redhat.com> In-Reply-To: <20210805125331.826741-1-marcandre.lureau@redhat.com> References: <20210805125331.826741-1-marcandre.lureau@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=marcandre.lureau@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=170.10.133.124; envelope-from=marcandre.lureau@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -34 X-Spam_score: -3.5 X-Spam_bar: --- X-Spam_report: (-3.5 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.699, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1628168119536100001 From: Marc-Andr=C3=A9 Lureau Commit 776b97d360 "qemu-sockets: add abstract UNIX domain socket support" neglected to update socket_sockaddr_to_address_unix() and copied the whole sun_path without taking "salen" into account. Later, commit 3b14b4ec49 "sockets: Fix socket_sockaddr_to_address_unix() for abstract sockets" handled the abstract UNIX path, by stripping the leading \0 character and fixing address details, but didn't use salen either. Not taking "salen" into account may result in incorrect "path" being returned in monitors commands, as we read past the address which is not necessarily \0-terminated. Fixes: 776b97d3605ed0fc94443048fdf988c7725e38a9 Fixes: 3b14b4ec49a801067da19d6b8469eb1c1911c020 Signed-off-by: Marc-Andr=C3=A9 Lureau Reviewed-by: xiaoqiang zhao Reviewed-by: Daniel P. Berrang=C3=A9 --- util/qemu-sockets.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c index 080a240b74..f2f3676d1f 100644 --- a/util/qemu-sockets.c +++ b/util/qemu-sockets.c @@ -1345,13 +1345,16 @@ socket_sockaddr_to_address_unix(struct sockaddr_sto= rage *sa, SocketAddress *addr; struct sockaddr_un *su =3D (struct sockaddr_un *)sa; =20 + assert(salen >=3D sizeof(su->sun_family) + 1 && + salen <=3D sizeof(struct sockaddr_un)); + addr =3D g_new0(SocketAddress, 1); addr->type =3D SOCKET_ADDRESS_TYPE_UNIX; #ifdef CONFIG_LINUX if (!su->sun_path[0]) { /* Linux abstract socket */ addr->u.q_unix.path =3D g_strndup(su->sun_path + 1, - sizeof(su->sun_path) - 1); + salen - sizeof(su->sun_family) - 1= ); addr->u.q_unix.has_abstract =3D true; addr->u.q_unix.abstract =3D true; addr->u.q_unix.has_tight =3D true; --=20 2.32.0.264.g75ae10bc75