make lxc_af_unix_open() safely return error on long pathnames

Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

diff --git a/src/lxc/af_unix.c b/src/lxc/af_unix.c
index eff13d4fbe157a149476733388dcca8112c1b6a1..45fe128c87d08f9bf23e86119670930939a32b11 100644 (file)
--- a/src/lxc/af_unix.c
+++ b/src/lxc/af_unix.c
@@ -36,6 +36,7 @@ lxc_log_define(lxc_af_unix, lxc);
 int lxc_af_unix_open(const char *path, int type, int flags)
 {
        int fd;
+       size_t len;
        struct sockaddr_un addr;
 
        if (flags & O_TRUNC)
@@ -52,8 +53,16 @@ int lxc_af_unix_open(const char *path, int type, int flags)
 
        addr.sun_family = AF_UNIX;
        /* copy entire buffer in case of abstract socket */
-       memcpy(addr.sun_path, path,
-              path[0]?strlen(path):sizeof(addr.sun_path));
+       len = sizeof(addr.sun_path);
+       if (path[0]) {
+               len = strlen(path);
+               if (len >= sizeof(addr.sun_path)) {
+                       close(fd);
+                       errno = ENAMETOOLONG;
+                       return -1;
+               }
+       }
+       memcpy(addr.sun_path, path, len);
 
        if (bind(fd, (struct sockaddr *)&addr, sizeof(addr))) {
                int tmp = errno;
@@ -61,7 +70,7 @@ int lxc_af_unix_open(const char *path, int type, int flags)
                errno = tmp;
                return -1;
        }
-       
+
        if (type == SOCK_STREAM && listen(fd, 100)) {
                int tmp = errno;
                close(fd);
@@ -76,7 +85,7 @@ int lxc_af_unix_close(int fd)
 {
        struct sockaddr_un addr;
        socklen_t addrlen = sizeof(addr);
-       
+
        if (!getsockname(fd, (struct sockaddr *)&addr, &addrlen) &&
            addr.sun_path[0])
                unlink(addr.sun_path);