Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp1086700pxb; Wed, 6 Apr 2022 08:24:02 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyGHO5iwbpBchKRMY9lglL+5v9m5s4xdRDwi2l0VEw5AHNIWe4zuqML5rb/6QW9pEhle+wC X-Received: by 2002:a17:90a:9294:b0:1b9:48e9:a030 with SMTP id n20-20020a17090a929400b001b948e9a030mr10512575pjo.200.1649258641892; Wed, 06 Apr 2022 08:24:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1649258641; cv=none; d=google.com; s=arc-20160816; b=vsgEy0a6SdSrMtrkuwTBfrSgvPSQtXOfplijAHpvvm6z2MajXwnpfCesLmPakxJnmx 50FgGZQ1V/Xys2bSMPeJkd41vZ7sJy8G8ho8ETAv+gxpu/B+ERrrE+5oRvdmLEWFBtB7 vSsxN7b/rZJi44o1LcxQjNif7y0i/5eLNzbMHINwoTPHHeS0buIZ1xbOR9PBeLVX+O6x h+hAHYKpyMgRlwlnfgRDuDoQxip2nPG0QzKifR2+B8pbEUeG8gKs6EAm0+GkporeXcLY P0wixuSp+U9AKfNgGTg2uq33WId+D9chVyhvoAOtqp4Oihd1oLUGCbLuki/hH8qAdGxM cQsQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=B0fote3cX3T1n8/ei0spWux8d8jyWOuf+VuTtCk+1ds=; b=jRQcV/BCcjGf1ofNZzdeTnumC9cRXc+DHIDTCqwd/tN2R/KF7KnkbPvmkyRgK1ZQGy 0n6JUU1mRwRCxEAviJ14KfiUgk9rgZBTM0OoKdnmK6xb2r+Oe4D7uhgaFCUe6xiKjTA0 DA/yGxfcBYfJ4Q+bKTbE7Ow4Qt+L/uWOBm/6ldryq+o/2k6qq62FJVOQ8P8pheuSY0hM zdcSC0gSc6ZjqPLzF00T/pVrOj9ywPT62OKISt20umwstuk75HXvDWDVwc+5Mr4tngth xfowRND3pOJxaY003Bc1r8bFnQ1X/FRfMwRfnNwq7rI0fXhLbMtRGvRoSGbfecNBgYsK a8og== ARC-Authentication-Results: i=1; mx.google.com; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id 204-20020a6307d5000000b003993a5eebdesi6388089pgh.233.2022.04.06.08.24.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 06 Apr 2022 08:24:01 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 10096369E1E; Wed, 6 Apr 2022 06:27:41 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233407AbiDFN3K (ORCPT + 99 others); Wed, 6 Apr 2022 09:29:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55594 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233665AbiDFN2B (ORCPT ); Wed, 6 Apr 2022 09:28:01 -0400 Received: from smtp1-g21.free.fr (smtp1-g21.free.fr [IPv6:2a01:e0c:1:1599::10]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BE55A1BE116; Wed, 6 Apr 2022 03:25:47 -0700 (PDT) Received: from localhost (unknown [IPv6:2a01:e35:39f2:1220:b493:280e:6d0b:57ec]) by smtp1-g21.free.fr (Postfix) with ESMTPS id 6577AB0052C; Wed, 6 Apr 2022 12:22:18 +0200 (CEST) From: Yann Droneaud To: "David S . Miller" , Jakub Kicinski , Paolo Abeni Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Yann Droneaud Subject: [PATCH] af_unix: Escape abstract unix socket address Date: Wed, 6 Apr 2022 12:22:13 +0200 Message-Id: <20220406102213.2020784-1-ydroneaud@opteya.com> X-Mailer: git-send-email 2.32.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RDNS_NONE, SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Abstract unix socket address are bytes sequences up to 108 bytes (UNIX_PATH_MAX == sizeof(struct sockaddr_un) - offsetof(struct sockaddr_un, sun_path)). As with any random string of bytes, printing them in /proc/net/unix should be done with caution to prevent misbehavior. It would have been great to use seq_escape_mem() to escape the control characters in a reversible way. Unfortunately userspace might expect that NUL bytes are replaced with '@' characters as it's done currently. So this patch implements the following scheme: any control characters, including NUL, in the abstract unix socket addresses is replaced by '@' characters. Sadly, with such non reversible escape scheme, abstract addresses such as "\0\0", "\0\a", "\0\b", "\0\t", etc. will have the same representation: "@@". But will prevent "cat /proc/net/unix" from messing with terminal, and will prevent "\n" in abstract address from messing with parsing the list of Unix sockets. Signed-off-by: Yann Droneaud --- net/unix/af_unix.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index e71a312faa1e..8021efd92301 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -3340,7 +3340,8 @@ static int unix_seq_show(struct seq_file *seq, void *v) i++; } for ( ; i < len; i++) - seq_putc(seq, u->addr->name->sun_path[i] ?: + seq_putc(seq, !iscntrl(u->addr->name->sun_path[i]) ? + u->addr->name->sun_path[i] : '@'); } unix_state_unlock(s); -- 2.32.0