qemu/util
Michael Tokarev 118d527f2e qemu-sockets: fix unix socket path copy (again)
Commit 4cfd970ec1 added an
assert which ensures the path within an address of a unix
socket returned from the kernel is at least one byte and
does not exceed sun_path buffer. Both of this constraints
are wrong:

A unix socket can be unnamed, in this case the path is
completely empty (not even \0)

And some implementations (notable linux) can add extra
trailing byte (\0) _after_ the sun_path buffer if we
passed buffer larger than it (and we do).

So remove the assertion (since it causes real-life breakage)
but at the same time fix the usage of sun_path. Namely,
we should not access sun_path[0] if kernel did not return
it at all (this is the case for unnamed sockets),
and use the returned salen when copyig actual path as an
upper constraint for the amount of bytes to copy - this
will ensure we wont exceed the information provided by
the kernel, regardless whenever there is a trailing \0
or not. This also helps with unnamed sockets.

Note the case of abstract socket, the sun_path is actually
a blob and can contain \0 characters, - it should not be
passed to g_strndup and the like, it should be accessed by
memcpy-like functions.

Fixes: 4cfd970ec1
Fixes: http://bugs.debian.org/993145
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
CC: qemu-stable@nongnu.org
2021-09-06 17:18:54 +03:00
..
aio-posix.c iothread: add aio-max-batch parameter 2021-07-21 13:47:50 +01:00
aio-posix.h
aio-wait.c qemu/atomic.h: rename atomic_ to qatomic_ 2020-09-23 16:07:44 +01:00
aio-win32.c iothread: add aio-max-batch parameter 2021-07-21 13:47:50 +01:00
aiocb.c
async.c iothread: add aio-max-batch parameter 2021-07-21 13:47:50 +01:00
atomic64.c qemu/atomic.h: rename atomic_ to qatomic_ 2020-09-23 16:07:44 +01:00
base64.c nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
bitmap.c qemu/atomic.h: rename atomic_ to qatomic_ 2020-09-23 16:07:44 +01:00
bitops.c
block-helpers.c block: move logical block size check function to a common utility function 2020-10-23 13:42:16 +01:00
block-helpers.h block: move logical block size check function to a common utility function 2020-10-23 13:42:16 +01:00
buffer.c nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
bufferiszero.c
cacheflush.c util/cacheflush: Fix error generated by clang 2021-01-21 13:00:41 +01:00
cacheinfo.c util: Enhance flush_icache_range with separate data pointer 2021-01-07 05:09:41 -10:00
compatfd.c util/compatfd.c: Replaced a malloc call with g_malloc. 2021-05-14 12:28:01 +02:00
coroutine-sigaltstack.c coroutine-sigaltstack: Add SIGUSR2 mutex 2021-01-26 14:36:37 +01:00
coroutine-ucontext.c Remove the CONFIG_PRAGMA_DIAGNOSTIC_AVAILABLE switch 2020-07-13 11:40:52 +02:00
coroutine-win32.c
crc32c.c
crc-ccitt.c util: Add CRC16 (CCITT) calculation routines 2021-01-24 20:10:54 +01:00
cutils.c cutils: fix memory leak in get_relocated_path() 2021-05-13 18:06:40 +02:00
dbus.c
drm.c util/drm: make portable by avoiding struct dirent d_type 2020-07-13 14:36:10 +01:00
envlist.c
error.c
event_notifier-posix.c event_notifier: Set ->initialized earlier in event_notifier_init() 2021-02-16 17:15:39 +01:00
event_notifier-win32.c
fdmon-epoll.c qemu/atomic.h: rename atomic_ to qatomic_ 2020-09-23 16:07:44 +01:00
fdmon-io_uring.c qemu/atomic.h: rename atomic_ to qatomic_ 2020-09-23 16:07:44 +01:00
fdmon-poll.c fdmon-poll: reset npfd when upgrading to fdmon-epoll 2020-09-23 13:45:52 +01:00
fifo8.c utils/fifo8: change fatal errors from abort() to assert() 2021-02-07 20:38:20 +00:00
filemonitor-inotify.c nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
filemonitor-stub.c nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
getauxval.c util/getauxval: Porting to FreeBSD getauxval feature 2020-06-26 06:45:29 -04:00
guest-random.c util/guest-random: Fix size arg to tail memcpy 2021-07-09 18:42:46 +02:00
hbitmap.c
hexdump.c util/hexdump: introduce qemu_hexdump_line() 2020-09-29 02:14:30 -04:00
host-utils.c
id.c net: Use id_generate() in the network subsystem, too 2021-03-09 21:47:45 +01:00
iov.c util/iov: make qemu_iovec_init_extended() honest 2021-02-03 08:00:33 -06:00
iova-tree.c
keyval.c keyval: introduce keyval_parse_into 2021-07-06 08:33:51 +02:00
lockcnt.c qemu/atomic.h: rename atomic_ to qatomic_ 2020-09-23 16:07:44 +01:00
log.c nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
main-loop.c util/async: add a human-readable name to BHs for debugging 2021-07-05 11:40:32 +01:00
memfd.c
meson.build meson: fix missing preprocessor symbols 2021-07-09 18:19:00 +02:00
mmap-alloc.c Deprecate pmem=on with non-DAX capable backend file 2021-07-06 18:05:16 -04:00
module.c modules: check arch on qom lookup 2021-07-09 18:20:27 +02:00
notify.c
nvdimm-utils.c Clean up includes 2020-12-10 17:16:44 +01:00
osdep.c util/osdep: Add qemu_mprotect_rw 2021-06-13 17:42:40 -07:00
oslib-posix.c memory: Introduce RAM_NORESERVE and wire it up in qemu_ram_mmap() 2021-06-15 20:27:38 +02:00
oslib-win32.c util/oslib-win32: Fix fatal assertion in qemu_try_memalign 2021-06-19 14:51:51 -07:00
pagesize.c
path.c
qdist.c
qemu-co-shared-resource.c co-shared-resource: protect with a mutex 2021-06-25 14:24:24 +03:00
qemu-config.c qemu-config: restore "machine" in qmp_query_command_line_options() 2021-07-22 14:44:47 +02:00
qemu-coroutine-io.c
qemu-coroutine-lock.c coroutine-lock: Reimplement CoRwlock to fix downgrade bug 2021-03-31 10:44:21 +01:00
qemu-coroutine-sleep.c coroutine-sleep: introduce qemu_co_sleep 2021-05-21 18:22:33 +01:00
qemu-coroutine.c qemu/atomic.h: rename atomic_ to qatomic_ 2020-09-23 16:07:44 +01:00
qemu-error.c error: rename error_with_timestamp to message_with_timestamp 2021-02-01 10:50:55 +00:00
qemu-openpty.c util/qemu-openpty.c: Don't assume pty.h is glibc-only 2020-07-13 14:36:09 +01:00
qemu-option.c qemu-option: Drop dead assertion 2021-07-09 18:42:46 +02:00
qemu-print.c monitor: Use getter/setter functions for cur_mon 2020-10-09 07:08:19 +02:00
qemu-progress.c util/: fix some comment spelling errors 2020-09-17 20:38:42 +02:00
qemu-sockets.c qemu-sockets: fix unix socket path copy (again) 2021-09-06 17:18:54 +03:00
qemu-thread-common.h
qemu-thread-posix.c util: Use unique type for QemuRecMutex in thread-posix.h 2021-06-16 15:03:26 +02:00
qemu-thread-win32.c util: Pass file+line to qemu_rec_mutex_unlock_impl 2021-06-16 15:03:26 +02:00
qemu-timer-common.c semihosting: Implement SYS_ELAPSED and SYS_TICKFREQ 2021-01-18 10:05:06 +00:00
qemu-timer.c spapr: rollback 'unplug timeout' for CPU hotunplugs 2021-04-12 12:27:14 +10:00
qht.c qemu/atomic.h: rename atomic_ to qatomic_ 2020-09-23 16:07:44 +01:00
qsp.c qemu/atomic: Add aligned_{int64,uint64}_t types 2021-07-21 07:45:38 -10:00
range.c
rcu.c qemu/atomic.h: rename atomic_ to qatomic_ 2020-09-23 16:07:44 +01:00
readline.c readline: Fix possible array index out of bounds in readline_hist_add() 2021-01-04 11:13:39 +00:00
selfmap.c util/selfmap: Discard mapping on error 2021-07-26 07:06:49 -10:00
stats64.c qemu/atomic.h: rename atomic_ to qatomic_ 2020-09-23 16:07:44 +01:00
sys_membarrier.c
systemd.c
thread-pool.c
throttle.c Remove superfluous timer_del() calls 2021-01-08 15:13:38 +00:00
timed-average.c
trace-events modules: add tracepoints 2021-07-09 18:20:27 +02:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
transactions.c util: add transactions.c 2021-04-30 12:27:47 +02:00
unicode.c
uri.c util/uri: do not check argument of uri_free() 2021-07-09 12:26:05 +02:00
userfaultfd.c migration: introduce UFFD-WP low-level interface helpers 2021-02-08 11:19:51 +00:00
uuid.c
vfio-helpers.c numa: Teach ram block notifiers about resizeable ram blocks 2021-05-13 18:21:13 +01:00
vhost-user-server.c util/vhost-user-server: move header to include/ 2020-10-23 13:42:16 +01:00
yank.c yank: Remove dependency on qiochannel 2021-04-01 15:27:44 +04:00