From 1fa1b51356c0ea6e1d30f2d370b3b766d4230537 Mon Sep 17 00:00:00 2001
From: Mike Christie <michaelc@cs.wisc.edu>
Date: Thu, 5 Dec 2013 18:12:32 -0600
Subject: [PATCH] iscsi tools: Bug fix on IPC address copy (version 2)

This patch merges Yufei Ren <yufei.ren@stonybrook.edu> patch
with comments from the list plus what I think is a bug in the
addr_len usage.

As for the addr_len use: it looks like we were passing it as the
length argument to memcpy, but that value includes the offset of
sun_path within the sockaddr_un in addition to the length of the
pathname string, so it is too long.
---
 usr/iscsi_util.c | 12 ++++++++++++
 usr/iscsi_util.h |  3 +++
 usr/iscsid_req.c |  7 +------
 usr/mgmt_ipc.c   |  6 +-----
 4 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/usr/iscsi_util.c b/usr/iscsi_util.c
index ac86847..9dbfbfd 100644
--- a/usr/iscsi_util.c
+++ b/usr/iscsi_util.c
@@ -25,16 +25,28 @@
 #include <string.h>
 #include <errno.h>
 #include <ctype.h>
+#include <sys/socket.h>
+#include <sys/un.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/resource.h>
 
+#include "sysdeps.h"
 #include "log.h"
 #include "iscsi_settings.h"
 #include "iface.h"
 #include "session_info.h"
 #include "iscsi_util.h"
 
+int setup_abstract_addr(struct sockaddr_un *addr, char *unix_sock_name)
+{
+	memset(addr, 0, sizeof(*addr));
+	addr->sun_family = AF_LOCAL;
+	strlcpy(addr->sun_path + 1, unix_sock_name, sizeof(addr->sun_path) - 1);
+	return offsetof(struct sockaddr_un, sun_path) +
+		strlen(addr->sun_path + 1) + 1;
+}
+
 void daemon_init(void)
 {
 	int fd;
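Review bot: The return value of `strlcpy` in setup_abstract_addr is discarded, so a socket name longer than `sizeof(addr->sun_path) - 2` bytes is silently truncated and the caller binds or connects to a different abstract address than the one it asked for. Comparing the result with the size passed in, e.g. `if (strlcpy(addr->sun_path + 1, unix_sock_name, sizeof(addr->sun_path) - 1) >= sizeof(addr->sun_path) - 1) return -1;`, would surface that, with ipc_connect in usr/iscsid_req.c and mgmt_ipc_listen in usr/mgmt_ipc.c checking for a negative addr_len before passing it on. The name is only read, so the parameter could be `const char *unix_sock_name` here and in the prototype in usr/iscsi_util.h. A short comment would also help the next reader: `/* sun_path[0] stays NUL to select the abstract namespace; the returned length covers that byte plus the name, with no trailing NUL */`.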
diff --git a/usr/iscsi_util.h b/usr/iscsi_util.h
index 110dfa8..ff725eb 100644
--- a/usr/iscsi_util.h
+++ b/usr/iscsi_util.h
@@ -26,4 +26,7 @@ extern int __iscsi_match_session(struct node_rec *rec, char *targetname,
 extern char *strstrip(char *s);
 extern char *cfg_get_string_param(char *pathname, const char *key);
 
+struct sockaddr_un;
+extern int setup_abstract_addr(struct sockaddr_un *addr, char *unix_sock_name);
+
 #endif
diff --git a/usr/iscsid_req.c b/usr/iscsid_req.c
index 715c0aa..0e91dee 100644
--- a/usr/iscsid_req.c
+++ b/usr/iscsid_req.c
@@ -67,12 +67,7 @@ static int ipc_connect(int *fd, char *unix_sock_name, int start_iscsid)
 		return ISCSI_ERR_ISCSID_NOTCONN;
 	}
 
-	addr_len = offsetof(struct sockaddr_un, sun_path) + strlen(unix_sock_name) + 1;
-
-	memset(&addr, 0, sizeof(addr));
-	addr.sun_family = AF_LOCAL;
-	memcpy((char *) &addr.sun_path + 1, unix_sock_name,
-	       strlen(unix_sock_name));
+	addr_len = setup_abstract_addr(&addr, unix_sock_name);
 
 	/*
 	 * Trying to connect with exponential backoff
diff --git a/usr/mgmt_ipc.c b/usr/mgmt_ipc.c
index 87bd346..a82c063 100644
--- a/usr/mgmt_ipc.c
+++ b/usr/mgmt_ipc.c
@@ -59,11 +59,7 @@ mgmt_ipc_listen(void)
 		return fd;
 	}
 
-	addr_len = offsetof(struct sockaddr_un, sun_path) + strlen(ISCSIADM_NAMESPACE) + 1;
-
-	memset(&addr, 0, sizeof(addr));
-	addr.sun_family = AF_LOCAL;
-	memcpy((char *) &addr.sun_path + 1, ISCSIADM_NAMESPACE, addr_len);
+	addr_len = setup_abstract_addr(&addr, ISCSIADM_NAMESPACE);
 
 	if ((err = bind(fd, (struct sockaddr *) &addr, addr_len)) < 0 ) {
 		log_error("Can not bind IPC socket");
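Review bot: The address bound at the `bind()` call is in the abstract namespace (setup_abstract_addr leaves `sun_path[0]` as NUL), where no filesystem permissions apply, so access control for this management socket has to come from a peer-credential check on each accepted connection. The rest of mgmt_ipc_listen and the accept path are outside this hunk, so whether such a check exists cannot be confirmed from here. A comment next to the new call would record the requirement, e.g. `/* abstract socket: no file permissions apply; peers must be authenticated by credentials after accept() */`.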
-- 
1.8.3.1