ericonr
/
util-linux
mirror of https://github.com/ericonr/util-linux.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

libuuid: fix buffer overflow with long paths 

Based on patch from Justin Akers, he wrote:
> When building Openembedded inside a Jenkins matrix job the paths can
> get quite long. This ensures libuuid won't crash when attempting to
> connect to uuidd in such a scenario.

Reported-by: Justin Akers <dafugg@gmail.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
This commit is contained in:
Karel Zak 2015-09-30 12:42:16 +02:00
parent 1ceb4077af
commit d5358bbb6b
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
libuuid/src/gen_uuid.c
View File

@ -85,6 +85,7 @@
#include "uuidP.h"
#include "uuidd.h"
#include "randutils.h"
#include "strutils.h"
#include "c.h"
#ifdef HAVE_TLS
@ -329,6 +330,7 @@ try_again:
}
#if defined(HAVE_UUIDD) && defined(HAVE_SYS_UN_H)
/*
* Try using the uuidd daemon to generate the UUID
*
@ -343,11 +345,14 @@ static int get_uuid_via_daemon(int op, uuid_t out, int *num)
int32_t reply_len = 0, expected = 16;
struct sockaddr_un srv_addr;
if (sizeof(UUIDD_SOCKET_PATH) > sizeof(srv_addr.sun_path))
return -1;
if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
return -1;
srv_addr.sun_family = AF_UNIX;
strcpy(srv_addr.sun_path, UUIDD_SOCKET_PATH);
xstrncpy(srv_addr.sun_path, UUIDD_SOCKET_PATH, sizeof(srv_addr.sun_path));
if (connect(s, (const struct sockaddr *) &srv_addr,
sizeof(struct sockaddr_un)) < 0)