Re: [Xen-devel] [PATCH v6 02/13] cxenstored: add support for systemd active sockets

On Thu, 2014-06-12 at 18:18 -0700, Luis R. Rodriguez wrote:
> +int xs_validate_active_socket(const char *connect_to)
> +{
> + char sock[30];
> +
> + /* We have to null terminate the socket path */
> + memset(sock, '\0', sizeof(sock));
> + memcpy(sock, connect_to, strlen(connect_to));

This risks overrunning sock if connect_to is longer than 30 characters.
But your use of strlen suggests that connect_to is already NULL
terminated, so what is this for?

> + if ((strncmp("/var/run/xenstored/socket_ro", sock, 28) != 0) &&
> + (strncmp("/var/run/xenstored/socket", sock, 25) != 0)) {
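
Review bot: The two strncmp() calls in xs_validate_active_socket() collapse into a single 25-byte prefix test: any string that matches "/var/run/xenstored/socket_ro" over 28 bytes also matches "/var/run/xenstored/socket" over 25, so the _ro comparison never changes the outcome, and the lengths 28 and 25 are unexplained magic numbers. Compare connect_to as a whole string with strcmp() against both paths, ideally taken from xs_daemon_socket() and xs_daemon_socket_ro(), which xen_claim_active_sockets() already calls, if those return these paths. That also removes the need for the sock[30] copy, whose memcpy() length is strlen(connect_to) with no bound against sizeof(sock).
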

Given that sock (or connect_to) is NULL terminated, why strncmp and not
the straightforward strcmp?

As it is I think your code would accept
e.g. /var/run/xenstored/socketwibble, no?

Is it common in systemd support to validate the input socket's path in
this way? As opposed to trusting that the systemd unit file is correct.

> +static void xen_claim_active_sockets(int **psock, int **pro_sock)
> +{
> + int *sock, *ro_sock;
> + const char *soc_str = xs_daemon_socket();
> + const char *soc_str_ro = xs_daemon_socket_ro();
> + int n;
> +
> + n = sd_listen_fds(0);
> + if (n <= 0) {
> + sd_notifyf(0, "STATUS=Failed to get any active sockets: %s\n"
> + "ERRNO=%i",
> + strerror(errno),
> + errno);
> + barf_perror("sd_listen_fds() failed\n");
> + } else if (n > 2) {
> + fprintf(stderr, SD_ERR "Expected 2 fds but given %d\n", n);
> + sd_notifyf(0, "STATUS=Mismatch on number (2): %s\n"
> + "ERRNO=%d",
> + strerror(EBADR),
> + EBADR);
> + barf_perror("sd_listen_fds() gave too many fds\n");
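
Review bot: In the n <= 0 branch of xen_claim_active_sockets(), strerror(errno) and ERRNO=%i report errno, but sd_listen_fds() returns its error as a negative return value and returns 0 when no descriptors were passed, so errno may be stale or zero at this point. Report -n when n < 0 and give n == 0 its own message. The n > 2 branch has a similar mismatch: sd_notifyf() reports EBADR while barf_perror(), going by its name, reports whatever errno holds, so set errno = EBADR before the call or use a non-perror exit path.
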

Need this be fatal?

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
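
The prefix-match concern raised in the reply above, as an added example that is not part of the original thread or of the Xen code. It assumes the quoted `if` branch rejects the path; `prefix_check`, `exact_check` and the sample inputs are hypothetical names and constructed data.

```c
#include <stdio.h>
#include <string.h>

/* Paths as they appear in the quoted patch. */
#define SOCK_RW "/var/run/xenstored/socket"
#define SOCK_RO "/var/run/xenstored/socket_ro"

/* Comparison logic of the quoted check, applied directly to the input
 * (the 30-byte copy is left out). Assumption: the patch's if-branch
 * rejects, so a path is accepted when either prefix matches.
 * Returns 1 if accepted. */
static int prefix_check(const char *path)
{
    return strncmp(SOCK_RO, path, 28) == 0 ||
           strncmp(SOCK_RW, path, 25) == 0;
}

/* Hypothetical stricter variant: whole-string match only. */
static int exact_check(const char *path)
{
    if (path == NULL)
        return 0;
    return strcmp(path, SOCK_RO) == 0 || strcmp(path, SOCK_RW) == 0;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = {
        SOCK_RW,
        SOCK_RO,
        "/var/run/xenstored/socketwibble",
        "/var/run/xenstored/socket_ro.bak",
        "/var/run/xenstored/sock",
    };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-34s prefix=%d exact=%d\n", samples[i],
               prefix_check(samples[i]), exact_check(samples[i]));
    return 0;
}
```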