[DynInst_API:] [dyninst/dyninst] e79a59: Fix buffer overflow on socket_path in DYNINSTasync...

[bbiiggppiigg <noreply@xxxxxxxxxx>]

  Branch: refs/heads/bbiiggppiigg/fix-socket-path-overflow
  Home:   https://github.com/dyninst/dyninst
  Commit: e79a59e2d99c24abd499744490374394b8ad3745
      https://github.com/dyninst/dyninst/commit/e79a59e2d99c24abd499744490374394b8ad3745
  Author: wuxx1279 <bbiiggppiigg@xxxxxxxxx>
  Date:   2026-06-01 (Mon, 01 Jun 2026)

  Changed paths:
    M dyninstAPI_RT/src/RTposix.c

  Log Message:
  -----------
  Fix buffer overflow on socket_path in DYNINSTasyncConnect

socket_path was sized at 255 bytes but is strcpy'd into
sadr.sun_path, which is only 108 bytes (sizeof sockaddr_un::sun_path)
on Linux. A sufficiently long P_tmpdir/username/pid combination could
overflow the stack-allocated sockaddr_un.

Size socket_path to match sun_path so the bounded snprintf truncates
the path safely, making the subsequent strcpy provably in-bounds. Also
replace the magic 255 with sizeof(socket_path).

Co-Authored-By: Claude Opus 4.8 <noreply@xxxxxxxxxxxxx>



To unsubscribe from these emails, change your notification settings at https://github.com/dyninst/dyninst/settings/notifications