[Swan-dev] Fwd: [libreswan/libreswan] snprintf() truncates --rundir in plutomain.c (#428)

Paul Wouters paul at nohats.ca
Tue Mar 30 17:24:16 UTC 2021 


Sent from my iPhone

Begin forwarded message:

> From: Mark Gray <notifications at github.com>
> Date: March 30, 2021 at 13:18:35 EDT
> To: libreswan/libreswan <libreswan at noreply.github.com>
> Cc: Subscribed <subscribed at noreply.github.com>
> Subject: [libreswan/libreswan] snprintf()  truncates --rundir in plutomain.c (#428)
> Reply-To: libreswan/libreswan <reply+AAW5L6MMPLIDAGCLG6TD5W56N47GNEVBNHHDEXDHRY at reply.github.com>
> 
> 
> mkdir /tmp/ipsec.d && ipsec initnss --nssdir /tmp/ipsec.d
> mkdir /tmp/somelongpathxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/
> sudo ipsec pluto  --nssdir /tmp/ipsec.d --rundir/tmp/somelongpathxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/
> ls -al /tmp/some*
> This returns:
> 
> srwx------. 1 root   root  0 Mar 30 13:12 /tmp/somelongpathxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> 
> /tmp/somelongpathxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:
> total 12
> The socket does is not placed in the directory.
> 
> Even more confusing is when the length of rundir is 107 (sizeof(ctl_addr.sun_path)) characters (which was my case)
> 
> mkdir /tmp/ipsec.d && ipsec initnss --nssdir /tmp/ipsec.d
> mkdir 
> /tmp/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/
> sudo ipsec pluto  --nssdir /tmp/ipsec.d --rundir /tmp/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/
> This returns the following which is really confusing!
> 
> pluto: FATAL: unable to create lock file "/tmp/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/" (21 Is a directory)
> Both are due to the following line in which the return code of snprintf() is not checked for truncation: https://github.com/libreswan/libreswan/blob/d2b9fbfae9761c440e3ce21576b7a0fe80f6a3fe/programs/pluto/plutomain.c#L1100
> 
>> You are receiving this because you are subscribed to this thread.
> Reply to this email directly, view it on GitHub, or unsubscribe.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20210330/6f4a1d90/attachment.html>

More information about the Swan-dev mailing list