| Message ID | 20210901152632.25511-1-peter.maydell@linaro.org |
|---|---|
| State | New |
| Headers | show |
| Series | tests/vhost-user-bridge.c: Sanity check socket path length | expand |
On Wed, Sep 1, 2021 at 8:36 PM Peter Maydell <peter.maydell@linaro.org> wrote: > The vhost-user-bridge binary accepts a UNIX socket path on > the command line. Sanity check that this is short enough to > fit into a sockaddr_un before copying it in. > > Fixes: Coverity CID 1432866 > Signed-off-by: Peter Maydell <peter.maydell@linaro.org> > Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> --- > tests/vhost-user-bridge.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/tests/vhost-user-bridge.c b/tests/vhost-user-bridge.c > index 24815920b2b..cb009545fa5 100644 > --- a/tests/vhost-user-bridge.c > +++ b/tests/vhost-user-bridge.c > @@ -540,6 +540,11 @@ vubr_new(const char *path, bool client) > CallbackFunc cb; > size_t len; > > + if (strlen(path) >= sizeof(un.sun_path)) { > + fprintf(stderr, "unix domain socket path '%s' is too long\n", > path); > + exit(1); > + } > + > /* Get a UNIX socket. */ > dev->sock = socket(AF_UNIX, SOCK_STREAM, 0); > if (dev->sock == -1) { > -- > 2.20.1 > > >
diff --git a/tests/vhost-user-bridge.c b/tests/vhost-user-bridge.c index 24815920b2b..cb009545fa5 100644 --- a/tests/vhost-user-bridge.c +++ b/tests/vhost-user-bridge.c @@ -540,6 +540,11 @@ vubr_new(const char *path, bool client) CallbackFunc cb; size_t len; + if (strlen(path) >= sizeof(un.sun_path)) { + fprintf(stderr, "unix domain socket path '%s' is too long\n", path); + exit(1); + } + /* Get a UNIX socket. */ dev->sock = socket(AF_UNIX, SOCK_STREAM, 0); if (dev->sock == -1) {
The vhost-user-bridge binary accepts a UNIX socket path on the command line. Sanity check that this is short enough to fit into a sockaddr_un before copying it in. Fixes: Coverity CID 1432866 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> --- tests/vhost-user-bridge.c | 5 +++++ 1 file changed, 5 insertions(+)