projects
/
fio.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
server: fix potential buffer overrun in socket setup path
[fio.git]
/
server.c
diff --git
a/server.c
b/server.c
index c2cf2ddd9d557e7e915083be0f10c8aaf46963de..2fa51dff475b013202f0ca2b3b72324a2b07cebe 100644
(file)
--- a/
server.c
+++ b/
server.c
@@
-1339,7
+1339,7
@@
static int fio_init_server_sock(void)
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
- str
cpy(addr.sun_path, bind_sock
);
+ str
ncpy(addr.sun_path, bind_sock, sizeof(addr.sun_path) - 1
);
len = sizeof(addr.sun_family) + strlen(bind_sock) + 1;
len = sizeof(addr.sun_family) + strlen(bind_sock) + 1;
@@
-1368,6
+1368,8
@@
static int fio_init_server_connection(void)
if (sk < 0)
return sk;
if (sk < 0)
return sk;
+ memset(bind_str, 0, sizeof(bind_str));
+
if (!bind_sock) {
char *p, port[16];
const void *src;
if (!bind_sock) {
char *p, port[16];
const void *src;
@@
-1387,9
+1389,9
@@
static int fio_init_server_connection(void)
if (p)
strcat(p, port);
else
if (p)
strcat(p, port);
else
- str
cpy(bind_str, port
);
+ str
ncpy(bind_str, port, sizeof(bind_str) - 1
);
} else
} else
- str
cpy(bind_str, bind_sock
);
+ str
ncpy(bind_str, bind_sock, sizeof(bind_str) - 1
);
log_info("fio: server listening on %s\n", bind_str);
log_info("fio: server listening on %s\n", bind_str);