Core: sockaddr lengths now respected by ngx_cmp_sockaddr().
Linux can return AF_UNIX sockaddrs with partially filled sun_path,
resulting in spurious comparison failures and failed binary upgrades.
Added proper checking of the lengths provided.
Reported by Jan Seda,
http://mailman.nginx.org/pipermail/nginx-devel/2016-September/008832.html.
diff --git a/src/core/ngx_inet.c b/src/core/ngx_inet.c
index dbd1f46..3bcd3e7 100644
--- a/src/core/ngx_inet.c
+++ b/src/core/ngx_inet.c
@@ -1364,6 +1364,7 @@
struct sockaddr_in6 *sin61, *sin62;
#endif
#if (NGX_HAVE_UNIX_DOMAIN)
+ size_t len;
struct sockaddr_un *saun1, *saun2;
#endif
@@ -1393,15 +1394,21 @@
#if (NGX_HAVE_UNIX_DOMAIN)
case AF_UNIX:
- /* TODO length */
-
saun1 = (struct sockaddr_un *) sa1;
saun2 = (struct sockaddr_un *) sa2;
- if (ngx_memcmp(&saun1->sun_path, &saun2->sun_path,
- sizeof(saun1->sun_path))
- != 0)
- {
+ if (slen1 < slen2) {
+ len = slen1 - offsetof(struct sockaddr_un, sun_path);
+
+ } else {
+ len = slen2 - offsetof(struct sockaddr_un, sun_path);
+ }
+
+ if (len > sizeof(saun1->sun_path)) {
+ len = sizeof(saun1->sun_path);
+ }
+
+ if (ngx_memcmp(&saun1->sun_path, &saun2->sun_path, len) != 0) {
return NGX_DECLINED;
}
