Re: [PATCH] qemu-sockets: fix unix socket path copy (again)

2021-09-01 Thread Daniel P . Berrangé
On Wed, Sep 01, 2021 at 02:45:55PM +0300, Michael Tokarev wrote: > On 01.09.2021 12:52, Peter Maydell wrote: > > On Wed, 1 Sept 2021 at 09:29, Michael Tokarev wrote: > ... > > > We have sizeof(sockaddr_storage) space there. If the kernel returned > > > salen greater than that, this means we recei

Re: [PATCH] qemu-sockets: fix unix socket path copy (again)

2021-09-01 Thread Daniel P . Berrangé
On Wed, Sep 01, 2021 at 11:29:58AM +0300, Michael Tokarev wrote: > On 31.08.2021 22:47, Peter Maydell wrote: > > On Tue, 31 Aug 2021 at 19:34, Michael Tokarev wrote: > .. > > > -assert(salen >= sizeof(su->sun_family) + 1 && > > > - salen <= sizeof(struct sockaddr_un)); > > > +/*

Re: [PATCH] qemu-sockets: fix unix socket path copy (again)

2021-09-01 Thread Michael Tokarev
On 01.09.2021 12:52, Peter Maydell wrote: On Wed, 1 Sept 2021 at 09:29, Michael Tokarev wrote: ... We have sizeof(sockaddr_storage) space there. If the kernel returned salen greater than that, this means we received only partial address and can't rely on it. It is like snprintf() returning mo

Re: [PATCH] qemu-sockets: fix unix socket path copy (again)

2021-09-01 Thread Peter Maydell
On Wed, 1 Sept 2021 at 09:29, Michael Tokarev wrote: > > On 31.08.2021 22:47, Peter Maydell wrote: > > On Tue, 31 Aug 2021 at 19:34, Michael Tokarev wrote: > .. > >> -assert(salen >= sizeof(su->sun_family) + 1 && > >> - salen <= sizeof(struct sockaddr_un)); > >> +/* there's a co

Re: [PATCH] qemu-sockets: fix unix socket path copy (again)

2021-09-01 Thread Michael Tokarev
On 01.09.2021 12:12, Daniel P. Berrangé wrote: Seems right to me, however there are some notes in libc bits/socket.h /* Structure large enough to hold any socket address (with the historical exception of AF_UNIX). */ And also this https://idea.popcount.org/2019-12-06-addressing/#fn:sockaddr

Re: [PATCH] qemu-sockets: fix unix socket path copy (again)

2021-09-01 Thread Daniel P . Berrangé
On Tue, Aug 31, 2021 at 11:21:43PM +0400, Marc-André Lureau wrote: > Hi > > On Tue, Aug 31, 2021 at 10:26 PM Michael Tokarev wrote: > > > We test whenever the path of unix-domain socket > > address is non-empty and strictly-less than > > the length of the path buffer. Both these > > conditions a

Re: [PATCH] qemu-sockets: fix unix socket path copy (again)

2021-09-01 Thread Michael Tokarev
On 31.08.2021 22:47, Peter Maydell wrote: On Tue, 31 Aug 2021 at 19:34, Michael Tokarev wrote: .. -assert(salen >= sizeof(su->sun_family) + 1 && - salen <= sizeof(struct sockaddr_un)); +/* there's a corner case when trailing \0 does not fit into + * sockaddr_un. Compare l

Re: [PATCH] qemu-sockets: fix unix socket path copy (again)

2021-08-31 Thread Peter Maydell
On Tue, 31 Aug 2021 at 19:34, Michael Tokarev wrote: > > We test whenever the path of unix-domain socket > address is non-empty and strictly-less than > the length of the path buffer. Both these > conditions are wrong: the socket can be unnamed, > with empty path, or socket can have pathname > nul

Re: [PATCH] qemu-sockets: fix unix socket path copy (again)

2021-08-31 Thread Michael Tokarev
31.08.2021 22:21, Marc-André Lureau wrote: ... Seems right to me, however there are some notes in libc bits/socket.h /* Structure large enough to hold any socket address (with the historical    exception of AF_UNIX).  */ And also this https://idea.popcount.org/2019-12-06-addressing/#fn:sockadd

Re: [PATCH] qemu-sockets: fix unix socket path copy (again)

2021-08-31 Thread Marc-André Lureau
Hi On Tue, Aug 31, 2021 at 10:26 PM Michael Tokarev wrote: > We test whenever the path of unix-domain socket > address is non-empty and strictly-less than > the length of the path buffer. Both these > conditions are wrong: the socket can be unnamed, > with empty path, or socket can have pathname

[PATCH] qemu-sockets: fix unix socket path copy (again)

2021-08-31 Thread Michael Tokarev
We test whenever the path of unix-domain socket address is non-empty and strictly-less than the length of the path buffer. Both these conditions are wrong: the socket can be unnamed, with empty path, or socket can have pathname null-terminated _after_ the sun_path buffer, since we provided more roo