About the UNIX socket path length check

Maxim Dounin mdounin at mdounin.ru
Thu Oct 9 17:13:22 UTC 2014


Hello!

On Thu, Oct 09, 2014 at 06:02:16PM +0200, Peter Wu wrote:

> Hi,
> 
> In src/core/ngx_inet.c we have this code:
> 
>     if (len > sizeof(saun->sun_path)) {
>         u->err = "too long path in the unix domain socket";
>         return NGX_ERROR;
>     }
> 
> But a NUL-terminated string requires one byte more. Is it allowed to
> omit the NUL byte when the string would not fit otherwise? If not,
> this should be changed to:
> 
>     if (len >= sizeof(saun->sun_path)) {
>         u->err = "too long path in the unix domain socket";
>         return NGX_ERROR;
>     }

You've missed the "len++" above.

-- 
Maxim Dounin
http://nginx.org/



More information about the nginx-devel mailing list