From b625ed5feebaac457311fe5299c3ee99dab5503a Mon Sep 17 00:00:00 2001 From: Stefano Brivio Date: Thu, 27 Jun 2024 22:16:45 +0200 Subject: conf: Use the right maximum buffer size for c->sock_path UNIX_SOCK_MAX is the maximum number we'll append to the socket path if we generate it automatically. If it's given on the command line, it can be up to UNIX_PATH_MAX (including the terminating character) long. UNIX_SOCK_MAX happened to kind of fit because it's 100 (instead of 108). Commit ceddcac74a6e ("conf, tap: False "Buffer not null terminated" positives, CWE-170") fixed the wrong problem: the right fix for the problem at hand was actually commit cc287af173ca ("conf: Fix incorrect bounds checking for sock_path parameter"). Fixes: ceddcac74a6e ("conf, tap: False "Buffer not null terminated" positives, CWE-170") Signed-off-by: Stefano Brivio Reviewed-by: David Gibson --- conf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf.c b/conf.c index 9e47e9a..3c38ceb 100644 --- a/conf.c +++ b/conf.c @@ -1398,7 +1398,7 @@ void conf(struct ctx *c, int argc, char **argv) c->foreground = 1; break; case 's': - ret = snprintf(c->sock_path, UNIX_SOCK_MAX - 1, "%s", + ret = snprintf(c->sock_path, sizeof(c->sock_path), "%s", optarg); if (ret <= 0 || ret >= (int)sizeof(c->sock_path)) die("Invalid socket path: %s", optarg); -- cgit v1.2.3