On Wed, Sep 1, 2021 at 8:36 PM Peter Maydell <[email protected]> wrote:
> The vhost-user-bridge binary accepts a UNIX socket path on > the command line. Sanity check that this is short enough to > fit into a sockaddr_un before copying it in. > > Fixes: Coverity CID 1432866 > Signed-off-by: Peter Maydell <[email protected]> > Reviewed-by: Marc-André Lureau <[email protected]> --- > tests/vhost-user-bridge.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/tests/vhost-user-bridge.c b/tests/vhost-user-bridge.c > index 24815920b2b..cb009545fa5 100644 > --- a/tests/vhost-user-bridge.c > +++ b/tests/vhost-user-bridge.c > @@ -540,6 +540,11 @@ vubr_new(const char *path, bool client) > CallbackFunc cb; > size_t len; > > + if (strlen(path) >= sizeof(un.sun_path)) { > + fprintf(stderr, "unix domain socket path '%s' is too long\n", > path); > + exit(1); > + } > + > /* Get a UNIX socket. */ > dev->sock = socket(AF_UNIX, SOCK_STREAM, 0); > if (dev->sock == -1) { > -- > 2.20.1 > > > -- Marc-André Lureau
