On Wed, Feb 03, 2016 at 01:17:41PM +0100, Pino Toscano wrote:
Introduce an internal helper to create paths for sockets -- it will be
useful later for changing the logic for placing sockets.
Furthermore, check that the length of the socket paths won't overflow
the buffer for their filenames.
---
src/guestfs-internal.h | 1 +
src/launch-direct.c | 4 +++-
src/launch-libvirt.c | 10 ++++++----
src/launch.c | 17 +++++++++++++++++
4 files changed, 27 insertions(+), 5 deletions(-)
diff --git a/src/guestfs-internal.h b/src/guestfs-internal.h
index 5ecd322..bff9f64 100644
--- a/src/guestfs-internal.h
+++ b/src/guestfs-internal.h
@@ -782,6 +782,7 @@ extern void guestfs_int_launch_send_progress (guestfs_h *g, int
perdozen);
extern char *guestfs_int_appliance_command_line (guestfs_h *g, const char
*appliance_dev, int flags);
#define APPLIANCE_COMMAND_LINE_IS_TCG 1
const char *guestfs_int_get_cpu_model (int kvm);
+int guestfs_int_create_socketname (guestfs_h *g, const char *filename, char
(*sockname)[UNIX_PATH_MAX]);
extern void guestfs_int_register_backend (const char *name, const struct backend_ops
*);
extern int guestfs_int_set_backend (guestfs_h *g, const char *method);
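Review bot: The new prototype names its third parameter `sockname`, while the definition added in src/launch.c calls it `sockpath`; one name in both places avoids doubt about whether the buffer receives a bare file name or a full path. Since the function writes a full path, `char (*sockpath)[UNIX_PATH_MAX]` in the header would match the definition. A one-line comment above the declaration, such as `/* Build "<tmpdir>/<filename>" into *sockpath; returns 0, or -1 after calling error() if it does not fit. */`, would give callers the contract without opening launch.c.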
diff --git a/src/launch-direct.c b/src/launch-direct.c
index b8e453d..a81d4b3 100644
--- a/src/launch-direct.c
+++ b/src/launch-direct.c
@@ -295,7 +295,9 @@ launch_direct (guestfs_h *g, void *datav, const char *arg)
/* Using virtio-serial, we need to create a local Unix domain socket
* for qemu to connect to.
*/
- snprintf (data->guestfsd_sock, sizeof data->guestfsd_sock,
"%s/guestfsd.sock", g->tmpdir);
+ if (guestfs_int_create_socketname (g, "guestfsd.sock",
+ &data->guestfsd_sock) == -1)
+ goto cleanup0;
daemon_accept_sock = socket (AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0);
if (daemon_accept_sock == -1) {
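Review bot: The new `goto cleanup0` is taken before `daemon_accept_sock` is assigned by the `socket()` call on the following line, so the cleanup label has to cope with a descriptor that was never opened. The declaration and the `cleanup0` label are outside the hunk, so this cannot be confirmed from here; if the variable is not already initialised to -1 it should be, e.g. `int daemon_accept_sock = -1;`. The same question applies to the two `goto cleanup` exits added in src/launch-libvirt.c, the second of which runs before `console_sock` is assigned.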
diff --git a/src/launch-libvirt.c b/src/launch-libvirt.c
index 8a5d93e..376bd80 100644
--- a/src/launch-libvirt.c
+++ b/src/launch-libvirt.c
@@ -395,8 +395,9 @@ launch_libvirt (guestfs_h *g, void *datav, const char *libvirt_uri)
/* Using virtio-serial, we need to create a local Unix domain socket
* for qemu to connect to.
*/
- snprintf (data->guestfsd_path, sizeof data->guestfsd_path,
- "%s/guestfsd.sock", g->tmpdir);
+ if (guestfs_int_create_socketname (g, "guestfsd.sock",
+ &data->guestfsd_path) == -1)
+ goto cleanup;
set_socket_create_context (g);
@@ -421,8 +422,9 @@ launch_libvirt (guestfs_h *g, void *datav, const char *libvirt_uri)
}
/* For the serial console. */
- snprintf (data->console_path, sizeof data->console_path,
- "%s/console.sock", g->tmpdir);
+ if (guestfs_int_create_socketname (g, "console.sock",
+ &data->console_path) == -1)
+ goto cleanup;
console_sock = socket (AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0);
if (console_sock == -1) {
diff --git a/src/launch.c b/src/launch.c
index f59818f..60f02a7 100644
--- a/src/launch.c
+++ b/src/launch.c
@@ -418,6 +418,23 @@ guestfs_int_get_cpu_model (int kvm)
#endif
}
+/* Create the path for a socket with the selected filename in the
+ * tmpdir.
+ */
+int
+guestfs_int_create_socketname (guestfs_h *g, const char *filename,
+ char (*sockpath)[UNIX_PATH_MAX])
+{
+ if (strlen (g->tmpdir) + 1 + strlen (filename) > UNIX_PATH_MAX-1) {
+ error (g, _("socket path too long: %s/%s"), g->tmpdir, filename);
+ return -1;
+ }
+
+ snprintf (*sockpath, UNIX_PATH_MAX, "%s/%s", g->tmpdir, filename);
+
+ return 0;
+}
+
/* glibc documents, but does not actually implement, a 'getumask(3)'
* call. This implements a thread-safe way to get the umask. Note
* this is only called when g->verbose is true and after g->tmpdir
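Review bot: The length test in guestfs_int_create_socketname repeats by hand the arithmetic of the `"%s/%s"` format used by the snprintf below it, and the snprintf return value is then ignored, so the two can drift apart when the placement logic changes as the commit message anticipates. Checking the result of the formatting call keeps a single source of truth: `int r = snprintf (*sockpath, UNIX_PATH_MAX, "%s/%s", g->tmpdir, filename);` followed by `if (r < 0 || r >= UNIX_PATH_MAX) { error (...); return -1; }`. The comment above the function should also state the return contract (0 on success, -1 after calling error when the path does not fit) and that only the name is built, not the socket itself.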
Looks good, ACK.
Rich.
--
Richard Jones, Virtualization Group, Red Hat
http://people.redhat.com/~rjones
Read my programming and virtualization blog:
http://rwmj.wordpress.com
libguestfs lets you edit virtual machines. Supports shell scripting,
bindings from many languages.
http://libguestfs.org