If something is too long to fit in a sun_addr, we should spot that
well in advance and not try.
agent_pending_query *conn;
name = getenv("SSH_AUTH_SOCK");
- if (!name)
+ if (!name || strlen(name) >= sizeof(addr.sun_path))
goto failure;
sock = socket(PF_UNIX, SOCK_STREAM, 0);
cloexec(sock);
addr.sun_family = AF_UNIX;
- strncpy(addr.sun_path, name, sizeof(addr.sun_path));
+ strcpy(addr.sun_path, name);
if (connect(sock, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
close(sock);
goto failure;
if (n < 0)
ret->error = "snprintf failed";
- else if (n >= sizeof ret->hostname)
+ else if (n >= sizeof ret->hostname ||
+ n >= sizeof(((struct sockaddr_un *)0)->sun_path))
ret->error = "socket pathname too long";
#ifndef NO_IPV6