diff options
| author | Jeff Hostetler <jeffhost@microsoft.com> | 2021-03-15 22:08:26 +0100 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2021-03-15 22:32:51 +0100 |
| commit | 77e522caaeebe8c6378dcf7045b19cbd22c8b2fb (patch) | |
| tree | a935ff8bd5ce0802dfda6fbd530e99f07446f491 /unix-socket.h | |
| parent | unix-socket: add backlog size option to unix_stream_listen() (diff) | |
| download | git-77e522caaeebe8c6378dcf7045b19cbd22c8b2fb.tar.xz git-77e522caaeebe8c6378dcf7045b19cbd22c8b2fb.zip | |
unix-socket: disallow chdir() when creating unix domain sockets
Calls to `chdir()` are dangerous in a multi-threaded context. If
`unix_stream_listen()` or `unix_stream_connect()` is given a socket
pathname that is too long to fit in a `sockaddr_un` structure, it will
`chdir()` to the parent directory of the requested socket pathname,
create the socket using a relative pathname, and then `chdir()` back.
This is not thread-safe.
Teach `unix_sockaddr_init()` to not allow calls to `chdir()` when this
flag is set.
Signed-off-by: Jeff Hostetler <jeffhost@microsoft.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'unix-socket.h')
| -rw-r--r-- | unix-socket.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/unix-socket.h b/unix-socket.h index ec2fb3ea72..8542cdd799 100644 --- a/unix-socket.h +++ b/unix-socket.h @@ -3,11 +3,12 @@ struct unix_stream_listen_opts { int listen_backlog_size; + unsigned int disallow_chdir:1; }; #define UNIX_STREAM_LISTEN_OPTS_INIT { 0 } -int unix_stream_connect(const char *path); +int unix_stream_connect(const char *path, int disallow_chdir); int unix_stream_listen(const char *path, const struct unix_stream_listen_opts *opts); |