Return an error if a buffer overflows in do_mknod().
authorWayne Davison <wayned@samba.org>
Sun, 27 Oct 2013 17:12:53 +0000 (10:12 -0700)
committerWayne Davison <wayned@samba.org>
Sun, 27 Oct 2013 17:12:53 +0000 (10:12 -0700)
syscall.c

index fd23d151a31ca71149f7bb346504d13201ecceef..117f1a423c38879de8846c27e9cef60d57b39bd3 100644 (file)
--- a/syscall.c
+++ b/syscall.c
@@ -147,13 +147,13 @@ int do_mknod(const char *pathname, mode_t mode, dev_t dev)
        if (S_ISSOCK(mode)) {
                int sock;
                struct sockaddr_un saddr;
+               unsigned int len = strlcpy(saddr.sun_path, pathname, sizeof saddr.sun_path);
+               if (len >= sizeof saddr.sun_path) {
+                       errno = ENAMETOOLONG;
+                       return -1;
+               }
 #ifdef HAVE_SOCKADDR_UN_LEN
-               unsigned int len =
-#endif
-                   strlcpy(saddr.sun_path, pathname, sizeof saddr.sun_path);
-#ifdef HAVE_SOCKADDR_UN_LEN
-               saddr.sun_len = len >= sizeof saddr.sun_path
-                             ? sizeof saddr.sun_path : len + 1;
+               saddr.sun_len = len + 1;
 #endif
                saddr.sun_family = AF_UNIX;