From ce47d1ea7850fa77759c01e558eb75b7db41aab6 Mon Sep 17 00:00:00 2001 From: florian Date: Thu, 31 Oct 2013 21:53:16 +0000 Subject: Initialize sun_len, pointed out by deraadt@. While there also check length of socket path, more relevant now since an alternative socket can be specified. OK benno@ --- slowcgi.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'slowcgi.c') diff --git a/slowcgi.c b/slowcgi.c index 539b610..9b50868 100644 --- a/slowcgi.c +++ b/slowcgi.c @@ -1,4 +1,4 @@ -/* $OpenBSD: slowcgi.c,v 1.25 2013/10/29 17:59:47 florian Exp $ */ +/* $OpenBSD: slowcgi.c,v 1.26 2013/10/31 21:53:16 florian Exp $ */ /* * Copyright (c) 2013 David Gwynne * Copyright (c) 2013 Florian Obser @@ -337,6 +337,7 @@ slowcgi_listen(char *path, gid_t gid) { struct listener *l = NULL; struct sockaddr_un sun; + size_t len; mode_t old_umask, mode; int fd; @@ -346,7 +347,10 @@ slowcgi_listen(char *path, gid_t gid) bzero(&sun, sizeof(sun)); sun.sun_family = AF_UNIX; - strlcpy(sun.sun_path, path, sizeof(sun.sun_path)); + len = strlcpy(sun.sun_path, path, sizeof(sun.sun_path)); + if (len >= sizeof(sun.sun_path)) + lerrx(1, "socket path to long"); + sun.sun_len = len; if (unlink(path) == -1) if (errno != ENOENT) -- cgit v1.2.3-2-gb3c3