From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:44313)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1YcZlH-00030S-9A
	for qemu-devel@nongnu.org; Mon, 30 Mar 2015 09:29:52 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1YcZlD-0001vM-6Q
	for qemu-devel@nongnu.org; Mon, 30 Mar 2015 09:29:51 -0400
Date: Mon, 30 Mar 2015 14:29:41 +0100
From: Stefan Hajnoczi <stefanha@gmail.com>
Message-ID: <20150330132941.GK25181@stefanha-thinkpad.redhat.com>
References: <1426298416-884-1-git-send-email-zhaoshenglong@huawei.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="opg8F0UgoHELSI+9"
Content-Disposition: inline
In-Reply-To: <1426298416-884-1-git-send-email-zhaoshenglong@huawei.com>
Subject: Re: [Qemu-devel] [PATCH v2] fsdev/virtfs-proxy-helper: Fix possible
 overflow
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Shannon Zhao <zhaoshenglong@huawei.com>
Cc: peter.maydell@linaro.org, hangaohuai@huawei.com, qemu-trivial@nongnu.org, mjt@tls.msk.ru, qemu-devel@nongnu.org, peter.huangpeng@huawei.com, aneesh.kumar@linux.vnet.ibm.com, pbonzini@redhat.com, shannon.zhao@linaro.org


--opg8F0UgoHELSI+9
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Mar 14, 2015 at 10:00:16AM +0800, Shannon Zhao wrote:
> It's detected by coverity. As max of sockaddr_un.sun_path is
> sizeof(helper.sun_path), should check the length of source
> and use strncpy instead of strcpy.
>=20
> Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
> Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
> ---
>     v1->v2: Still use strcpy [Paolo]
> ---
>  fsdev/virtfs-proxy-helper.c | 1 +
>  1 file changed, 1 insertion(+)
>=20
> diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c
> index bf2e5f3..13fe032 100644
> --- a/fsdev/virtfs-proxy-helper.c
> +++ b/fsdev/virtfs-proxy-helper.c
> @@ -738,6 +738,7 @@ static int proxy_socket(const char *path, uid_t uid, =
gid_t gid)
>          return -1;
>      }
> =20
> +    g_assert(strlen(path) < sizeof(proxy.sun_path));
>      sock =3D socket(AF_UNIX, SOCK_STREAM, 0);

path is user input.  While the assertion check silences Coverity, it is
not suitable for input validation.  Users expect a graceful exit with an
error message, not an assertion failure if the given path is too long.

I will send a patch.

Stefan

--opg8F0UgoHELSI+9
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJVGU/FAAoJEJykq7OBq3PIPU0IAKKAskU2JS35Y+dxYw5Mx7es
U8hfsBVi6lDae2s/0RRW/NmeUAu5HbFWSCt6Z3IqGoz3uHYJ8dnm4TqKtmf1Ciza
p5G3Gs9WFq6zvn3RrXDgVcIw80F34RJcoQUKahUqdfhRCymVOqKUmlrDyS0pkThK
T5Nt6beISzRd7pG8wx58nxYHjz3URHtUPWPRXmS7E+IHQstofKYSdQOpwpJr86bz
KFNqA6w6YzFf4ug/qc+iBfAjA8AK50WOI02tFbg+afyIKaUEzfgnHXhGECNwvy19
KYNGlczQksaHIzvRPsFJqakHVp0oX+Y4k86PPA6OFjmBJ1FgQiIytFV2G6CUI0Q=
=aos+
-----END PGP SIGNATURE-----

--opg8F0UgoHELSI+9--