From e97717e29a1bb3e373b130086c4182c598a8121c Mon Sep 17 00:00:00 2001 From: Ian Gudger Date: Tue, 14 Aug 2018 15:05:44 -0700 Subject: Enforce Unix socket address length limit PiperOrigin-RevId: 208720936 Change-Id: Ic943a88b6efeff49574306d4d4e1f113116ae32e --- pkg/sentry/socket/epsocket/epsocket.go | 3 +++ 1 file changed, 3 insertions(+) (limited to 'pkg/sentry') diff --git a/pkg/sentry/socket/epsocket/epsocket.go b/pkg/sentry/socket/epsocket/epsocket.go index b32eda96f..0000875e7 100644 --- a/pkg/sentry/socket/epsocket/epsocket.go +++ b/pkg/sentry/socket/epsocket/epsocket.go @@ -150,6 +150,9 @@ func GetAddress(sfamily int, addr []byte) (tcpip.FullAddress, *syserr.Error) { switch family { case linux.AF_UNIX: path := addr[2:] + if len(path) > linux.UnixPathMax { + return tcpip.FullAddress{}, syserr.ErrInvalidArgument + } // Drop the terminating NUL (if one exists) and everything after it. // Skip the first byte, which is NUL for abstract paths. if len(path) > 1 { -- cgit v1.2.3