From 77d34c309668b534d77c80ec7fc827ce2f810f24 Mon Sep 17 00:00:00 2001
From: Vincent Penquerc'h <vincent.penquerch@collabora.co.uk>
Date: Sat, 28 Dec 2013 06:25:31 -0500
Subject: [PATCH] unix-server: guard against buffer overflow

sun_path is fairly small, and while the input is a smaller constant,
you never know how that might change.
---
 qrexec-lib/unix-server.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/qrexec-lib/unix-server.c b/qrexec-lib/unix-server.c
index a86b203..8be6e1a 100644
--- a/qrexec-lib/unix-server.c
+++ b/qrexec-lib/unix-server.c
@@ -44,7 +44,8 @@ int get_server_socket(char *socket_address)
 	}
 	memset(&sockname, 0, sizeof(sockname));
 	sockname.sun_family = AF_UNIX;
-	memcpy(sockname.sun_path, socket_address, strlen(socket_address));
+	strncpy(sockname.sun_path, socket_address, sizeof sockname.sun_path);
+	sockname.sun_path[sizeof sockname.sun_path - 1] = 0;
 
 	if (bind(s, (struct sockaddr *) &sockname, sizeof(sockname)) == -1) {
 		printf("bind() failed\n");