Message116178
I see. Looking at net/unix/af_unix.c:unix_mkname of Linux 2.6, there is a comment that says
    Check unix socket name: [...]
      - if started by not zero, should be NULL terminated (FS object)
However, the code then just does
    /*
     * This may look like an off by one error but it is a bit more
     * subtle. 108 is the longest valid AF_UNIX path for a binding.
     * sun_path[108] doesnt as such exist. However in kernel space
     * we are guaranteed that it is a valid memory location in our
     * kernel address buffer.
     */
    ((char *)sunaddr)[len] = 0;
    len = strlen(sunaddr->sun_path)+1+sizeof(short);
    return len;
So it doesn't actually check that it's null-terminated, but always sets the null termination in kernel based on the address length. Interesting.
With all the effort that went into the patch, I recommend getting it right: if there is space for the \0, include it. If the string size is exactly 108, and it's Linux, write it unterminated. Else fail.
As for testing: we should then definitely have a test that, if you can create a 108-byte unix socket, its socket name is what we said it should be.
Date | User | Action | Args
2010-09-12 11:57:44 | loewis | set | recipients: + loewis, pitrou, vstinner, baikie
2010-09-12 11:57:44 | loewis | set | messageid: <1284292664.16.0.799733584706.issue8372@psf.upfronthosting.co.za>
2010-09-12 11:57:38 | loewis | link | issue8372 messages
2010-09-12 11:57:38 | loewis | create |
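The rule recommended in the message above, sketched in C as an added example; it is not code from the message, the patch, or CPython. The names encode_unix_path, kernel_name_len and PATH_OFF are hypothetical, the is_linux flag stands in for a platform check, and kernel_name_len is only a simplified model of the quoted unix_mkname lines, used to see which name the kernel would derive from the address that was built.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

#define PATH_OFF offsetof(struct sockaddr_un, sun_path)

/* Hypothetical helper, not CPython's code. Encodes a filesystem socket path
 * of n bytes: terminated if the NUL fits, unterminated only when it exactly
 * fills sun_path and is_linux is set, otherwise -1. Returns the addrlen. */
static int encode_unix_path(const char *path, size_t n, int is_linux,
                            struct sockaddr_un *addr)
{
    size_t cap = sizeof(addr->sun_path);        /* 108 on Linux */

    if (n == 0 || memchr(path, '\0', n) != NULL)
        return -1;                              /* abstract/empty names out of scope */
    if (n > cap || (n == cap && !is_linux))
        return -1;                              /* "Else fail." */
    memset(addr, 0, sizeof(*addr));
    addr->sun_family = AF_UNIX;
    memcpy(addr->sun_path, path, n);            /* n == cap: no terminator stored */
    return (int)(PATH_OFF + n + (n < cap ? 1 : 0));
}

/* Simplified model of the quoted unix_mkname lines: terminate at
 * ((char *)sunaddr)[len], then strlen(sun_path). Returns the name length
 * the kernel would end up with. */
static size_t kernel_name_len(const struct sockaddr_un *addr, int len)
{
    char buf[sizeof(*addr) + 1];                /* room for the byte past the end */

    memcpy(buf, addr, (size_t)len);
    buf[len] = '\0';
    return strlen(buf + PATH_OFF);
}

int main(void)
{
    struct sockaddr_un a;
    char path[sizeof(a.sun_path)];              /* constructed sample path */
    int len;

    memset(path, 'a', sizeof(path));
    len = encode_unix_path(path, sizeof(path), 1, &a);
    printf("addrlen=%d kernel name length=%zu\n", len, kernel_name_len(&a, len));
    return 0;
}
```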