PERFORCE change 163575 for review
Stacey Son
sson at FreeBSD.org
Fri Jun 5 15:54:33 UTC 2009
http://perforce.freebsd.org/chv.cgi?CH=163575
Change 163575 by sson at sson_amd64 on 2009/06/05 15:54:10
Fix parsing bug for AUT_SOCKUNIX tokens.
fetch_sock_unix_tok() assumes that the path component of
AUT_SOCKUNIX is a fixed length when is actually a variable
length.
Affected files ...
.. //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#63 edit
.. //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#93 edit
Differences ...
==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#63 (text+ko) ====
@@ -32,7 +32,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#62 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#63 $
*/
#include <sys/types.h>
@@ -3176,19 +3176,25 @@
/*
* socket family 2 bytes
- * path 104 bytes
+ * path (up to) 104 bytes + NULL (NULL terminated string).
*/
static int
fetch_sock_unix_tok(tokenstr_t *tok, u_char *buf, int len)
{
int err = 0;
+ u_char *p;
+ int slen;
+
READ_TOKEN_U_INT16(buf, len, tok->tt.sockunix.family, tok->len, err);
if (err)
return (-1);
- READ_TOKEN_BYTES(buf, len, tok->tt.sockunix.path, 104, tok->len,
- err);
+ /* slen = strnlen((buf + tok->len), 104) + 1; */
+ p = (u_char *)memchr((const void *)(buf + tok->len), '\0', 104);
+ slen = (p ? (int)(p - (buf + tok->len)) : 104) + 1;
+
+ READ_TOKEN_BYTES(buf, len, tok->tt.sockunix.path, slen, tok->len, err);
if (err)
return (-1);
==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#93 (text+ko) ====
@@ -30,7 +30,7 @@
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#92 $
+ * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#93 $
*/
#include <sys/types.h>
@@ -996,7 +996,7 @@
/*
* token ID 1 byte
* socket family 2 bytes
- * path 104 bytes
+ * path (up to) 104 bytes + NULL (NULL terminated string)
*/
token_t *
au_to_sock_unix(struct sockaddr_un *so)
More information about the p4-projects
mailing list