8 Nov
2018
8 Nov
'18
3:20 p.m.
Module: check_mk
Branch: master
Commit: 5b10ce9f0322026b03fa9d9fe345295f6257b30d
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=5b10ce9f032202…
Author: Sven Panne <sp(a)mathias-kettner.de>
Date: Thu Nov 8 16:11:29 2018 +0100
Fixed a few potential problems with long pathnames for UNIX domain sockets.
Found by -Wstringop-truncation.
Change-Id: I65c4a01af54b1d4102dc1cd862c486ba9cc1fe32
---
active_checks/check_mkevents.cc | 15 ++++++++-------
livestatus/api/c++/Livestatus.cc | 11 ++++++-----
livestatus/src/module.cc | 3 ++-
livestatus/src/unixcat.cc | 3 ++-
4 files changed, 18 insertions(+), 14 deletions(-)
diff --git a/active_checks/check_mkevents.cc b/active_checks/check_mkevents.cc
index cef9ee6..eb18419 100644
--- a/active_checks/check_mkevents.cc
+++ b/active_checks/check_mkevents.cc
@@ -71,7 +71,7 @@ std::ostream &operator<<(std::ostream &os, const State
&state) {
exit(static_cast<int>(state));
}
-[[noreturn]] void ioError(const std::string &message) {
+ [[noreturn]] void ioError(const std::string &message) {
reply(State::unknown, message + " (" + strerror(errno) + ")");
}
@@ -200,13 +200,14 @@ int main(int argc, char **argv) {
tv.tv_sec = 3;
setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(struct timeval));
- struct sockaddr_un addr;
- memset(&addr, 0, sizeof(struct sockaddr_un));
- addr.sun_family = AF_UNIX;
- strncpy(addr.sun_path, unixsocket_path.c_str(), sizeof(addr.sun_path));
+ struct sockaddr_un sockaddr;
+ sockaddr.sun_family = AF_UNIX;
+ strncpy(sockaddr.sun_path, unixsocket_path.c_str(),
+ sizeof(sockaddr.sun_path) - 1);
+ sockaddr.sun_path[sizeof(sockaddr.sun_path) - 1] = '\0';
- if (0 > connect(sock, reinterpret_cast<struct sockaddr *>(&addr),
- sizeof(struct sockaddr_un))) {
+ if (0 > connect(sock, reinterpret_cast<struct sockaddr
*>(&sockaddr),
+ sizeof(struct sockaddr))) {
ioError("Cannot connect to event daemon via UNIX socket " +
unixsocket_path);
}
diff --git a/livestatus/api/c++/Livestatus.cc b/livestatus/api/c++/Livestatus.cc
index 58193f6..782a044 100644
--- a/livestatus/api/c++/Livestatus.cc
+++ b/livestatus/api/c++/Livestatus.cc
@@ -31,11 +31,12 @@
void Livestatus::connectUNIX(const char *socket_path) {
_connection = socket(PF_LOCAL, SOCK_STREAM, 0);
- struct sockaddr_un sa;
- sa.sun_family = AF_LOCAL;
- strncpy(sa.sun_path, socket_path, sizeof(sa.sun_path));
- if (0 > connect(_connection, (const struct sockaddr *)&sa,
- sizeof(sockaddr_un))) {
+ struct sockaddr_un sockaddr;
+ sockaddr.sun_family = AF_UNIX;
+ strncpy(sockaddr.sun_path, socket_path, sizeof(sockaddr.sun_path) - 1);
+ sockaddr.sun_path[sizeof(sockaddr.sun_path) - 1] = '\0';
+ if (0 > connect(_connection, (const struct sockaddr *)&sockaddr,
+ sizeof(sockaddr))) {
close(_connection);
_connection = -1;
} else
diff --git a/livestatus/src/module.cc b/livestatus/src/module.cc
index 365875d..3764223 100644
--- a/livestatus/src/module.cc
+++ b/livestatus/src/module.cc
@@ -408,7 +408,8 @@ bool open_unix_socket() {
struct sockaddr_un sockaddr;
sockaddr.sun_family = AF_UNIX;
strncpy(sockaddr.sun_path, fl_socket_path.c_str(),
- sizeof(sockaddr.sun_path));
+ sizeof(sockaddr.sun_path) - 1);
+ sockaddr.sun_path[sizeof(sockaddr.sun_path) - 1] = '\0';
if (bind(g_unix_socket, reinterpret_cast<struct sockaddr *>(&sockaddr),
sizeof(sockaddr)) < 0) {
generic_error ge("cannot bind UNIX socket to address " +
diff --git a/livestatus/src/unixcat.cc b/livestatus/src/unixcat.cc
index dcfb9c4..714fa4c 100644
--- a/livestatus/src/unixcat.cc
+++ b/livestatus/src/unixcat.cc
@@ -131,7 +131,8 @@ int main(int argc, char **argv) {
/* Connect */
struct sockaddr_un sockaddr;
sockaddr.sun_family = AF_UNIX;
- strncpy(sockaddr.sun_path, unixpath.c_str(), sizeof(sockaddr.sun_path));
+ strncpy(sockaddr.sun_path, unixpath.c_str(), sizeof(sockaddr.sun_path) - 1);
+ sockaddr.sun_path[sizeof(sockaddr.sun_path) - 1] = '\0';
if (connect(sock, reinterpret_cast<struct sockaddr *>(&sockaddr),
sizeof(sockaddr)) != 0) {
printErrno("Couldn't connect to UNIX-socket at " + unixpath);