Created
June 5, 2024 18:24
-
-
Save nielsdos/ee33321f88632a8c228e6d3c0efcdf5b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/main/streams/xp_socket.c b/main/streams/xp_socket.c | |
index 838a237ca8..9987f871a7 100644 | |
--- a/main/streams/xp_socket.c | |
+++ b/main/streams/xp_socket.c | |
@@ -564,18 +564,23 @@ static inline int parse_unix_address(php_stream_xport_param *xparam, struct sock | |
memset(unix_addr, 0, sizeof(*unix_addr)); | |
unix_addr->sun_family = AF_UNIX; | |
+ /* Abstract namespace does not need to be NUL-terminated, while path-based | |
+ * sockets should be. */ | |
+ bool is_abstract_ns = xparam->inputs.namelen > 0 && xparam->inputs.name[0] == '\0'; | |
+ unsigned long max_length = is_abstract_ns ? sizeof(unix_addr->sun_path) : sizeof(unix_addr->sun_path) - 1; | |
+ | |
/* we need to be binary safe on systems that support an abstract | |
* namespace */ | |
- if (xparam->inputs.namelen > sizeof(unix_addr->sun_path)) { | |
+ if (xparam->inputs.namelen > max_length) { | |
/* On linux, when the path begins with a NUL byte we are | |
* referring to an abstract namespace. In theory we should | |
* allow an extra byte below, since we don't need the NULL. | |
* BUT, to get into this branch of code, the name is too long, | |
* so we don't care. */ | |
- xparam->inputs.namelen = sizeof(unix_addr->sun_path); | |
+ xparam->inputs.namelen = max_length; | |
php_error_docref(NULL, E_NOTICE, | |
"socket path exceeded the maximum allowed length of %lu bytes " | |
- "and was truncated", (unsigned long)sizeof(unix_addr->sun_path)); | |
+ "and was truncated", max_length); | |
} | |
memcpy(unix_addr->sun_path, xparam->inputs.name, xparam->inputs.namelen); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment