All of lore.kernel.org
 help / color / mirror / Atom feed
From: Matthew Daley <mattd@bugfuzz.com>
To: Andrew Cooper <andrew.cooper3@citrix.com>
Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>,
	Ian Campbell <Ian.Campbell@citrix.com>,
	Xen-devel <xen-devel@lists.xen.org>
Subject: Re: [PATCH 3/4] tools/xenstored: Avoid buffer overflows while setting up sockets
Date: Tue, 26 Nov 2013 01:25:29 +1300	[thread overview]
Message-ID: <CAD3CanccryKjcUDJ21sm6LJ75dv8JmPi8BRNuzpF2jwLsZ_Y-Q@mail.gmail.com> (raw)
In-Reply-To: <1385377664-20979-4-git-send-email-andrew.cooper3@citrix.com>

On Tue, Nov 26, 2013 at 12:07 AM, Andrew Cooper
<andrew.cooper3@citrix.com> wrote:
> Coverity ID: 1055996 1056002
>
> Use strncpy in preference to strcpy, and use the correct failing path for
> error messages.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> CC: Ian Campbell <Ian.Campbell@citrix.com>
> CC: Ian Jackson <Ian.Jackson@eu.citrix.com>
> ---
>  tools/xenstore/xenstored_core.c |    9 ++++-----
>  1 file changed, 4 insertions(+), 5 deletions(-)
>
> diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c
> index ccfdaa3..3c13c64 100644
> --- a/tools/xenstore/xenstored_core.c
> +++ b/tools/xenstore/xenstored_core.c
> @@ -1735,13 +1735,12 @@ static void init_sockets(int **psock, int **pro_sock)
>         unlink(xs_daemon_socket_ro());
>
>         addr.sun_family = AF_UNIX;
> -       strcpy(addr.sun_path, xs_daemon_socket());
> +       strncpy(addr.sun_path, xs_daemon_socket(), sizeof(addr.sun_path));

Nitpick: Using strncpy in this manner is unsafe as it does not
guarantee the null-termination of the result in the destination buffer
(which would presumably make barf_perror unhappy). For that reason,
and to avoid truncation, I check the source string length directly
instead in commit f220279c14, for example.

- Matthew

>         if (bind(*sock, (struct sockaddr *)&addr, sizeof(addr)) != 0)
> -               barf_perror("Could not bind socket to %s", xs_daemon_socket());
> -       strcpy(addr.sun_path, xs_daemon_socket_ro());
> +               barf_perror("Could not bind socket to %s", addr.sun_path);
> +       strncpy(addr.sun_path, xs_daemon_socket_ro(), sizeof(addr.sun_path));
>         if (bind(*ro_sock, (struct sockaddr *)&addr, sizeof(addr)) != 0)
> -               barf_perror("Could not bind socket to %s",
> -                           xs_daemon_socket_ro());
> +               barf_perror("Could not bind socket to %s", addr.sun_path);
>         if (chmod(xs_daemon_socket(), 0600) != 0
>             || chmod(xs_daemon_socket_ro(), 0660) != 0)
>                 barf_perror("Could not chmod sockets");
> --
> 1.7.10.4
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel

  reply	other threads:[~2013-11-25 12:25 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-11-25 11:07 [PATCH 0/4] Coverity fixes for tools/xenstore Andrew Cooper
2013-11-25 11:07 ` [PATCH 1/4] tools/xenstore: Fix 15 potential resource leaks in build() Andrew Cooper
2013-11-25 12:23   ` Ian Jackson
2013-11-25 11:07 ` [PATCH 2/4] tools/xenstore-rm: Fix memory leaks Andrew Cooper
2013-11-25 12:24   ` Ian Jackson
2013-11-25 11:07 ` [PATCH 3/4] tools/xenstored: Avoid buffer overflows while setting up sockets Andrew Cooper
2013-11-25 12:25   ` Matthew Daley [this message]
2013-11-25 14:38     ` [Patch v2 " Andrew Cooper
2013-12-02 13:18       ` Andrew Cooper
2013-12-09 13:32         ` Andrew Cooper
2013-12-13 18:13           ` Andrew Cooper
2013-12-13 18:28             ` [Patch v2 3/4] tools/xenstored: Avoid buffer overflows while setting up sockets [and 1 more messages] Ian Jackson
2013-12-13 19:15               ` Andrew Cooper
2013-11-25 12:27   ` [PATCH 3/4] tools/xenstored: Avoid buffer overflows while setting up sockets Ian Jackson
2013-11-25 11:07 ` [PATCH 4/4] tools/xenstored: Don't leak a file handle when creating the pidfile Andrew Cooper
2013-11-25 12:29   ` Ian Jackson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAD3CanccryKjcUDJ21sm6LJ75dv8JmPi8BRNuzpF2jwLsZ_Y-Q@mail.gmail.com \
    --to=mattd@bugfuzz.com \
    --cc=Ian.Campbell@citrix.com \
    --cc=Ian.Jackson@eu.citrix.com \
    --cc=andrew.cooper3@citrix.com \
    --cc=xen-devel@lists.xen.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.