socket: Enforce socket length

A Unix domain socket is limited to 107 usable bytes on Linux. However, not all code creating socket paths was checking for this limits. Created a new `utils.BuildSocketPath()` function (with tests) to encapsulate the logic and updated all code creating sockets to use it. Fixes #268. Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
2025-12-24 01:24:26 +01:00 · 2018-05-09 11:28:23 +01:00
parent f6544a3524
commit bce9edd277
12 changed files with 173 additions and 40 deletions
--- a/virtcontainers/utils/utils.go
+++ b/virtcontainers/utils/utils.go
@@ -7,15 +7,22 @@ package utils

 import (
 	"crypto/rand"
+	"errors"
 	"fmt"
 	"os"
 	"os/exec"
+	"path/filepath"
 )

 const cpBinaryName = "cp"

 const fileMode0755 = os.FileMode(0755)

+// MaxSocketPathLen is the effective maximum Unix domain socket length.
+//
+// See unix(7).
+const MaxSocketPathLen = 107
+
 // FileCopy copys files from srcPath to dstPath
 func FileCopy(srcPath, dstPath string) error {
 	if srcPath == "" {
@@ -174,3 +181,22 @@ func MakeNameID(namedType, id string, maxLen int) string {

 	return nameID
 }
+
+// BuildSocketPath concatenates the provided elements into a path and returns
+// it. If the resulting path is longer than the maximum permitted socket path
+// on Linux, it will return an error.
+func BuildSocketPath(elements ...string) (string, error) {
+	result := filepath.Join(elements...)
+
+	if result == "" {
+		return "", errors.New("empty path")
+	}
+
+	l := len(result)
+
+	if l > MaxSocketPathLen {
+		return "", fmt.Errorf("path too long (got %v, max %v): %s", l, MaxSocketPathLen, result)
+	}
+
+	return result, nil
+}