From e97717e29a1bb3e373b130086c4182c598a8121c Mon Sep 17 00:00:00 2001
From: Ian Gudger <igudger@google.com>
Date: Tue, 14 Aug 2018 15:05:44 -0700
Subject: Enforce Unix socket address length limit

PiperOrigin-RevId: 208720936
Change-Id: Ic943a88b6efeff49574306d4d4e1f113116ae32e
---
 pkg/sentry/socket/epsocket/epsocket.go | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'pkg/sentry')

diff --git a/pkg/sentry/socket/epsocket/epsocket.go b/pkg/sentry/socket/epsocket/epsocket.go
index b32eda96f..0000875e7 100644
--- a/pkg/sentry/socket/epsocket/epsocket.go
+++ b/pkg/sentry/socket/epsocket/epsocket.go
@@ -150,6 +150,9 @@ func GetAddress(sfamily int, addr []byte) (tcpip.FullAddress, *syserr.Error) {
 	switch family {
 	case linux.AF_UNIX:
 		path := addr[2:]
+		if len(path) > linux.UnixPathMax {
+			return tcpip.FullAddress{}, syserr.ErrInvalidArgument
+		}
 		// Drop the terminating NUL (if one exists) and everything after it.
 		// Skip the first byte, which is NUL for abstract paths.
 		if len(path) > 1 {
-- 
cgit v1.2.3