virtfs-proxy: Fix possible overflow

It's detected by coverity. The socket name specified should fit in the sockadd_un.sun_path. If not abort. Signed-off-by: N Shannon Zhao <zhaoshenglong@huawei.com> Signed-off-by: N Shannon Zhao <shannon.zhao@linaro.org> Signed-off-by: N Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>

virtfs-proxy: Fix possible overflow
It's detected by coverity. The socket name specified should fit in the sockadd_un.sun_path. If not abort. Signed-off-by: N Shannon Zhao <zhaoshenglong@huawei.com> Signed-off-by: N Shannon Zhao <shannon.zhao@linaro.org> Signed-off-by: N Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
25ee9a7f · Shannon Zhao · Aneesh Kumar K.V · 821c4476 · 25ee9a7f · 25ee9a7f
隐藏空白更改
内联并排

Showing with 5 addition and 0 deletion

fsdev/virtfs-proxy-helper.c fsdev/virtfs-proxy-helper.c +1 -0

hw/9pfs/virtio-9p-proxy.c hw/9pfs/virtio-9p-proxy.c +4 -0

未找到文件。
--- a/fsdev/virtfs-proxy-helper.c
+++ b/fsdev/virtfs-proxy-helper.c
@@ -738,6 +738,7 @@ static int proxy_socket(const char *path, uid_t uid, gid_t gid)
        return -1;
    }

+    g_assert(strlen(path) < sizeof(proxy.sun_path));
    sock = socket(AF_UNIX, SOCK_STREAM, 0);
    if (sock < 0) {
        do_perror("socket");

--- a/hw/9pfs/virtio-9p-proxy.c
+++ b/hw/9pfs/virtio-9p-proxy.c
@@ -1100,6 +1100,10 @@ static int connect_namedsocket(const char *path)
    int sockfd, size;
    struct sockaddr_un helper;

+    if (strlen(path) >= sizeof(helper.sun_path)) {
+        fprintf(stderr, "Socket name too large\n");
+        return -1;
+    }
    sockfd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (sockfd < 0) {
        fprintf(stderr, "failed to create socket: %s\n", strerror(errno));