Date: Fri, 5 Jun 2009 15:54:31 GMT From: Stacey Son <sson@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 163575 for review Message-ID: <200906051554.n55FsVkG011720@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=163575 Change 163575 by sson@sson_amd64 on 2009/06/05 15:54:10 Fix parsing bug for AUT_SOCKUNIX tokens. fetch_sock_unix_tok() assumes that the path component of AUT_SOCKUNIX is a fixed length when is actually a variable length. Affected files ... .. //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#63 edit .. //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#93 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#63 (text+ko) ==== @@ -32,7 +32,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#62 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#63 $ */ #include <sys/types.h> @@ -3176,19 +3176,25 @@ /* * socket family 2 bytes - * path 104 bytes + * path (up to) 104 bytes + NULL (NULL terminated string). */ static int fetch_sock_unix_tok(tokenstr_t *tok, u_char *buf, int len) { int err = 0; + u_char *p; + int slen; + READ_TOKEN_U_INT16(buf, len, tok->tt.sockunix.family, tok->len, err); if (err) return (-1); - READ_TOKEN_BYTES(buf, len, tok->tt.sockunix.path, 104, tok->len, - err); + /* slen = strnlen((buf + tok->len), 104) + 1; */ + p = (u_char *)memchr((const void *)(buf + tok->len), '\0', 104); + slen = (p ? (int)(p - (buf + tok->len)) : 104) + 1; + + READ_TOKEN_BYTES(buf, len, tok->tt.sockunix.path, slen, tok->len, err); if (err) return (-1); ==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#93 (text+ko) ==== @@ -30,7 +30,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#92 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_token.c#93 $ */ #include <sys/types.h> @@ -996,7 +996,7 @@ /* * token ID 1 byte * socket family 2 bytes - * path 104 bytes + * path (up to) 104 bytes + NULL (NULL terminated string) */ token_t * au_to_sock_unix(struct sockaddr_un *so)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200906051554.n55FsVkG011720>