Prevent socketnames in renderd.conf exceeding maximum allowed length (

#422) The maximum allowed length of a socket file name is 108: https://www4.cs.fau.de/Services/Doc/C/libc.html#SEC189 Exceeding this length will likely lead to difficult to troubleshoot behavior.
openstreetmap · Mar 25, 2024 · aebb506 · aebb506
1 parent 2ce51df
commit aebb506
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 0 deletions.
diff --git a/src/renderd_config.c b/src/renderd_config.c
@@ -17,6 +17,8 @@
 
 #define _GNU_SOURCE
 
+#include <sys/un.h>
+
 #include "config.h"
 #include "g_logger.h"
 #include "render_config.h"
@@ -361,6 +363,7 @@ void process_mapnik_section(const char *config_file_name, renderd_config *config
 void process_renderd_sections(const char *config_file_name, renderd_config *configs_dest)
 {
 	int renderd_section_num = -1;
+	int renderd_socketname_maxlen = sizeof(((struct sockaddr_un *)0)->sun_path);
 
 	dictionary *ini = iniparser_load(config_file_name);
 
@@ -410,6 +413,11 @@ void process_renderd_sections(const char *config_file_name, renderd_config *conf
 			if (configs_dest[renderd_section_num].num_threads == -1) {
 				configs_dest[renderd_section_num].num_threads = sysconf(_SC_NPROCESSORS_ONLN);
 			}
+
+			if (strnlen(configs_dest[renderd_section_num].socketname, PATH_MAX) >= renderd_socketname_maxlen) {
+				g_logger(G_LOG_LEVEL_CRITICAL, "Specified socketname (%s) exceeds maximum allowed length of %i.", configs_dest[renderd_section_num].socketname, renderd_socketname_maxlen);
+				exit(7);
+			}
 		}
 	}
 

diff --git a/tests/renderd_config_test.cpp b/tests/renderd_config_test.cpp
@@ -18,6 +18,7 @@
 #include <fstream>
 #include <stdio.h>
 #include <string>
+#include <sys/un.h>
 
 #include "catch/catch.hpp"
 #include "catch/catch_test_common.hpp"
@@ -547,4 +548,29 @@ TEST_CASE("renderd_config config parser", "specific testing")
 		found = err_log_lines.find("Specified type (a b c d) has too many parts, there must be no more than 3, e.g., 'png image/png png256'.");
 		REQUIRE(found > -1);
 	}
+
+	SECTION("renderd.conf renderd section socketname is too long", "should return 7") {
+		int renderd_socketname_maxlen = sizeof(((struct sockaddr_un *)0)->sun_path);
+		std::string renderd_socketname = "/" + std::string(renderd_socketname_maxlen, 'A');
+
+		std::string renderd_conf = std::tmpnam(nullptr);
+		std::ofstream renderd_conf_file;
+		renderd_conf_file.open(renderd_conf);
+		renderd_conf_file << "[mapnik]\n[map]\n";
+		renderd_conf_file << "[renderd]\nsocketname=" << renderd_socketname << "\n";
+		renderd_conf_file.close();
+
+		std::string option = "--config " + renderd_conf;
+		std::string command = test_binary + " " + option;
+
+		// flawfinder: ignore
+		FILE *pipe = popen(command.c_str(), "r");
+		int status = pclose(pipe);
+		std::remove(renderd_conf.c_str());
+		REQUIRE(WEXITSTATUS(status) == 7);
+
+		err_log_lines = read_stderr();
+		found = err_log_lines.find("Specified socketname (" + renderd_socketname + ") exceeds maximum allowed length of " + std::to_string(renderd_socketname_maxlen) + ".");
+		REQUIRE(found > -1);
+	}
 }