diff mbox series

[PULL,23/35] tests/vhost-user-bridge.c: Sanity check socket path length

Message ID 20210904213506.486886-24-mst@redhat.com
State Accepted
Commit f88435148dd38a9c609de348abc9ae231f2dbfc0
Headers show
Series None | expand

Commit Message

Michael S. Tsirkin Sept. 4, 2021, 9:37 p.m. UTC
From: Peter Maydell <peter.maydell@linaro.org>


The vhost-user-bridge binary accepts a UNIX socket path on
the command line. Sanity check that this is short enough to
fit into a sockaddr_un before copying it in.

Fixes: Coverity CID 1432866
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

Message-Id: <20210901152632.25511-1-peter.maydell@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>

---
 tests/vhost-user-bridge.c | 5 +++++
 1 file changed, 5 insertions(+)

-- 
MST
diff mbox series

Patch

diff --git a/tests/vhost-user-bridge.c b/tests/vhost-user-bridge.c
index 24815920b2..cb009545fa 100644
--- a/tests/vhost-user-bridge.c
+++ b/tests/vhost-user-bridge.c
@@ -540,6 +540,11 @@  vubr_new(const char *path, bool client)
     CallbackFunc cb;
     size_t len;
 
+    if (strlen(path) >= sizeof(un.sun_path)) {
+        fprintf(stderr, "unix domain socket path '%s' is too long\n", path);
+        exit(1);
+    }
+
     /* Get a UNIX socket. */
     dev->sock = socket(AF_UNIX, SOCK_STREAM, 0);
     if (dev->sock == -1) {