Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 5d1c9487419aa88a775ba739aaf4081f89df8487^! / . / src / proto_uxst.c
commit5d1c9487419aa88a775ba739aaf4081f89df8487[log] [tgz]
authorWilly Tarreau <w@1wt.eu>Tue Feb 11 06:43:37 2020 +0100
committerWilly Tarreau <w@1wt.eu>Tue Feb 11 06:56:55 2020 +0100
tree9aaf17f8c6bd8fdce9fa651e9c70dc7274f541d8
parenta4a4c7899dc9636b5616c717cab8d72520123eeb [diff] [blame]
BUG/MINOR: unix: better catch situations where the unix socket path length is close to the limit

We do have some checks for the UNIX socket path length to validate the
full pathname of a unix socket but the pathname extension is only taken
into account when using a bind_prefix. The second check only matches
against MAXPATHLEN. So this means that path names between 98 and 108
might successfully parse but fail to bind. Let's adjust the check in
the address parser and refine the error checking at the bind() step.

This addresses bug #493.

(cherry picked from commit 327ea5aec83092404bca09df2fb9aa86118c8a73)
Signed-off-by: Willy Tarreau <w@1wt.eu>
(cherry picked from commit 359312fe954764e422f7b4d1c365e3dc9d603aac)
Signed-off-by: Willy Tarreau <w@1wt.eu>

diff --git a/src/proto_uxst.c b/src/proto_uxst.c
index 1068fe4..9dd4bb4 100644
--- a/src/proto_uxst.c
+++ b/src/proto_uxst.c

@@ -187,6 +187,7 @@
 	struct sockaddr_un addr;
 	const char *msg = NULL;
 	const char *path;
+	int maxpathlen;
 	int ext, ready;
 	socklen_t ready_len;
 	int err;
@@ -205,6 +206,8 @@
 		listener->fd = uxst_find_compatible_fd(listener);
 	path = ((struct sockaddr_un *)&listener->addr)->sun_path;
 
+	maxpathlen = MIN(MAXPATHLEN, sizeof(addr.sun_path));
+
 	/* if the listener already has an fd assigned, then we were offered the
 	 * fd by an external process (most likely the parent), and we don't want
 	 * to create a new socket. However we still want to set a few flags on
@@ -216,17 +219,17 @@
 		goto fd_ready;
 
 	if (path[0]) {
-		ret = snprintf(tempname, MAXPATHLEN, "%s.%d.tmp", path, pid);
-		if (ret < 0 || ret >= MAXPATHLEN) {
+		ret = snprintf(tempname, maxpathlen, "%s.%d.tmp", path, pid);
+		if (ret < 0 || ret >= maxpathlen) {
 			err |= ERR_FATAL | ERR_ALERT;
-			msg = "name too long for UNIX socket";
+			msg = "name too long for UNIX socket (limit usually 97)";
 			goto err_return;
 		}
 
-		ret = snprintf(backname, MAXPATHLEN, "%s.%d.bak", path, pid);
-		if (ret < 0 || ret >= MAXPATHLEN) {
+		ret = snprintf(backname, maxpathlen, "%s.%d.bak", path, pid);
+		if (ret < 0 || ret >= maxpathlen) {
 			err |= ERR_FATAL | ERR_ALERT;
-			msg = "name too long for UNIX socket";
+			msg = "name too long for UNIX socket (limit usually 97)";
 			goto err_return;
 		}