From 20a4ce8bf215487ce53d30ccae3bb6c86babb5a2 Mon Sep 17 00:00:00 2001 From: Enji Cooper Date: Thu, 5 Jan 2017 07:46:57 +0000 Subject: [PATCH] Redo fix for CID 979581 The previous change was flawed in terms of how it calculated the buffer length for the sockaddr_un object. Use SUN_LEN where appropriate and mute the Coverity complaint by using memset(.., 0, ..) to zero out the entire structure instead of setting .sun_len to a bogus value and strlcpy'ing in the contents of argv[1]. SUN_LEN is now being passed to bind(2) as well. For some odd reason this wasn't flagged as a bug with Coverity. Reported by: jilles, jmallett MFC after: 2 days X-MFC with: r311233 --- contrib/netbsd-tests/fs/tmpfs/h_tools.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/contrib/netbsd-tests/fs/tmpfs/h_tools.c b/contrib/netbsd-tests/fs/tmpfs/h_tools.c index 9b35eecbd95..492e084d2a5 100644 --- a/contrib/netbsd-tests/fs/tmpfs/h_tools.c +++ b/contrib/netbsd-tests/fs/tmpfs/h_tools.c @@ -244,13 +244,15 @@ sockets_main(int argc, char **argv) } #ifdef __FreeBSD__ - addr.sun_len = sizeof(addr.sun_path); - (void)strlcpy(addr.sun_path, argv[1], addr.sun_len); -#else - (void)strlcpy(addr.sun_path, argv[1], sizeof(addr.sun_path)); + memset(&addr, 0, sizeof(addr)); #endif + (void)strlcpy(addr.sun_path, argv[1], sizeof(addr.sun_path)); addr.sun_family = PF_UNIX; +#ifdef __FreeBSD__ + error = bind(fd, (struct sockaddr *)&addr, SUN_LEN(&addr)); +#else error = bind(fd, (struct sockaddr *)&addr, sizeof(addr)); +#endif if (error == -1) { warn("connect"); #ifdef __FreeBSD__