About the UNIX socket path length check
Peter Wu
peter at lekensteyn.nl
Sun Oct 19 13:15:07 UTC 2014
On Thursday 09 October 2014 20:41:37 Ruslan Ermilov wrote:
> On Thu, Oct 09, 2014 at 06:02:16PM +0200, Peter Wu wrote:
> > Hi,
> >
> > In src/core/ngx_inet.c we have this code:
> >
> > if (len > sizeof(saun->sun_path)) {
> > u->err = "too long path in the unix domain socket";
> > return NGX_ERROR;
> > }
> >
> > But a NUL-terminated string requires one byte more. Is it allowed to
> > omit the NUL byte when the string would not fit otherwise? If not,
> > this should be changed to:
> >
> > if (len >= sizeof(saun->sun_path)) {
> > u->err = "too long path in the unix domain socket";
> > return NGX_ERROR;
> > }
>
> The "len" you quote includes the slot for NUL due to
>
> u->host.len = len++;
>
> And ngx_strncpy() always NULL-terminates what it writes.
Thank you and Maxim for the clarification, I missed the len++.
Peter
More information about the nginx-devel
mailing list