<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><br><br><div dir="ltr">Sent from my iPhone</div><div dir="ltr"><br>Begin forwarded message:<br><br></div><blockquote type="cite"><div dir="ltr"><b>From:</b> Mark Gray <notifications@github.com><br><b>Date:</b> March 30, 2021 at 13:18:35 EDT<br><b>To:</b> libreswan/libreswan <libreswan@noreply.github.com><br><b>Cc:</b> Subscribed <subscribed@noreply.github.com><br><b>Subject:</b> <b>[libreswan/libreswan] snprintf()  truncates --rundir in plutomain.c (#428)</b><br><b>Reply-To:</b> libreswan/libreswan <reply+AAW5L6MMPLIDAGCLG6TD5W56N47GNEVBNHHDEXDHRY@reply.github.com><br><br></div></blockquote><blockquote type="cite"><div dir="ltr"><p></p>
<pre><code>mkdir /tmp/ipsec.d && ipsec initnss --nssdir /tmp/ipsec.d
mkdir /tmp/somelongpathxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/
sudo ipsec pluto  --nssdir /tmp/ipsec.d --rundir/tmp/somelongpathxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/
ls -al /tmp/some*
</code></pre>
<p>This returns:</p>
<pre><code>srwx------. 1 root   root  0 Mar 30 13:12 /tmp/somelongpathxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

/tmp/somelongpathxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx:
total 12
</code></pre>
<p>The socket does is not placed in the directory.</p>
<p>Even more confusing is when the length of rundir is 107 (sizeof(ctl_addr.sun_path)) characters (which was my case)</p>
<pre><code>mkdir /tmp/ipsec.d && ipsec initnss --nssdir /tmp/ipsec.d
mkdir 
/tmp/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/
sudo ipsec pluto  --nssdir /tmp/ipsec.d --rundir /tmp/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/
</code></pre>
<p>This returns the following which is really confusing!</p>
<pre><code>pluto: FATAL: unable to create lock file "/tmp/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/" (21 Is a directory)
</code></pre>
<p>Both are due to the following line in which the return code of snprintf() is not checked for truncation: <a href="https://github.com/libreswan/libreswan/blob/d2b9fbfae9761c440e3ce21576b7a0fe80f6a3fe/programs/pluto/plutomain.c#L1100">https://github.com/libreswan/libreswan/blob/d2b9fbfae9761c440e3ce21576b7a0fe80f6a3fe/programs/pluto/plutomain.c#L1100</a></p>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br>You are receiving this because you are subscribed to this thread.<br>Reply to this email directly, <a href="https://github.com/libreswan/libreswan/issues/428">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AAW5L6MHU4HZRLIIATXFJOTTGIBWNANCNFSM42CRB4XA">unsubscribe</a>.<img src="https://github.com/notifications/beacon/AAW5L6LL6MDB75L6U66J2JDTGIBWNA5CNFSM42CRB4XKYY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4MS4M6HA.gif" height="1" width="1" alt="" data-unique-identifier=""></p>
</div></blockquote></body></html>