svn commit: r311381 - head/contrib/bsnmp/snmpd

Ngie Cooper ngie at FreeBSD.org
Thu Jan 5 08:14:21 UTC 2017


Author: ngie
Date: Thu Jan  5 08:14:20 2017
New Revision: 311381
URL: https://svnweb.freebsd.org/changeset/base/311381

Log:
  lsock_init_port: address issues with initializing sockaddr_un object
  
  - Use strlcpy to ensure p->name doesn't overflow sa.sun_path [*].
  - Use SUN_LEN(..) instead of spelling out calculation longhand (inspired
    by comment by jmallett).
  
  Tested with:	dgram and stream support with both bsnmpwalk and snmpwalk
  
  MFC after:	1 week
  Reported by:	Coverity
  CID:		1006825

Modified:
  head/contrib/bsnmp/snmpd/trans_lsock.c

Modified: head/contrib/bsnmp/snmpd/trans_lsock.c
==============================================================================
--- head/contrib/bsnmp/snmpd/trans_lsock.c	Thu Jan  5 08:04:04 2017	(r311380)
+++ head/contrib/bsnmp/snmpd/trans_lsock.c	Thu Jan  5 08:14:20 2017	(r311381)
@@ -308,10 +308,9 @@ lsock_init_port(struct tport *tp)
 			return (SNMP_ERR_RES_UNAVAIL);
 		}
 
-		strcpy(sa.sun_path, p->name);
+		strlcpy(sa.sun_path, p->name, sizeof(sa.sun_path));
 		sa.sun_family = AF_LOCAL;
-		sa.sun_len = strlen(p->name) +
-		    offsetof(struct sockaddr_un, sun_path);
+		sa.sun_len = SUN_LEN(&sa);
 
 		(void)remove(p->name);
 
@@ -363,10 +362,9 @@ lsock_init_port(struct tport *tp)
 			return (SNMP_ERR_GENERR);
 		}
 
-		strcpy(sa.sun_path, p->name);
+		strlcpy(sa.sun_path, p->name, sizeof(sa.sun_path));
 		sa.sun_family = AF_LOCAL;
-		sa.sun_len = strlen(p->name) +
-		    offsetof(struct sockaddr_un, sun_path);
+		sa.sun_len = SUN_LEN(&sa);
 
 		(void)remove(p->name);
 


More information about the svn-src-head mailing list