[Spice-devel] [PATCH 1/2] Don't limit spice controller socket name to 50 chars

Alon Levy alevy at redhat.com
Tue Mar 20 08:23:31 PDT 2012 

On Tue, Mar 20, 2012 at 04:14:07PM +0100, Christophe Fergeau wrote:
> The spice controller socket name used to be hardcoded to
> /tmp/SpiceController-%lu.uds and generated using snprintf. A 50 bytes
> buffer was enough for that, but this was changed in commit 79fffbf95
> because this was predictable and allowed other users on the system
> to sniff the browser/client communication.
> However, since the name that is used is no longer generated by spicec,
> no assumption can be made about its size. Currently, the socket is
> created inside the user home directory, which means that if the
> user name is too long, spicec will not be able to read the controller
> socket name.
> This commit directly uses the string from getenv as he name of the
> controller socket (on Linux) instead of limiting its size to 50 characters,
> which should fix this issue.
> This fixes rhbz #804561

ACK both.

> ---
>  client/controller.cpp |   10 ++++------
>  1 files changed, 4 insertions(+), 6 deletions(-)
> 
> diff --git a/client/controller.cpp b/client/controller.cpp
> index 05b4b7f..c89dbb6 100644
> --- a/client/controller.cpp
> +++ b/client/controller.cpp
> @@ -27,9 +27,9 @@
>  #include "debug.h"
>  #include "platform.h"
>  
> -#define PIPE_NAME_MAX_LEN 50
>  
>  #ifdef WIN32
> +#define PIPE_NAME_MAX_LEN 50
>  #define PIPE_NAME "SpiceController-%lu"
>  #endif
>  
> @@ -38,18 +38,16 @@ Controller::Controller(ControllerInterface *handler)
>      , _exclusive (false)
>      , _refs (1)
>  {
> -    char pipe_name[PIPE_NAME_MAX_LEN];
> -
>      ASSERT(_handler);
>  #ifdef WIN32
> +    char pipe_name[PIPE_NAME_MAX_LEN];
>      snprintf(pipe_name, PIPE_NAME_MAX_LEN, PIPE_NAME, Platform::get_process_id());
>  #else
> -    const char *p_socket = getenv("SPICE_XPI_SOCKET");
> -    if (!p_socket) {
> +    const char *pipe_name = getenv("SPICE_XPI_SOCKET");
> +    if (!pipe_name) {
>          LOG_ERROR("Failed to get a controller connection (SPICE_XPI_SOCKET)");
>          throw Exception("Failed to get a controller connection (SPICE_XPI_SOCKET)");
>      }
> -    strncpy(pipe_name, p_socket, sizeof(pipe_name));
>  #endif
>      LOG_INFO("Creating a controller connection %s", pipe_name);
>      _pipe = NamedPipe::create(pipe_name, *this);
> -- 
> 1.7.7.6
> 
> _______________________________________________
> Spice-devel mailing list
> Spice-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/spice-devel

More information about the Spice-devel mailing list