From bdff59a5f645a0b79f0a116d313d13f7ed9603ec Mon Sep 17 00:00:00 2001
From: Laslo Hunhold <dev@frign.de>
Date: Tue, 4 Jul 2017 22:44:47 +0200
Subject: [PATCH] Check for UNIX-doman socket name truncation

---
 quark.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/quark.c b/quark.c
index 817f78d..e3c3058 100644
--- a/quark.c
+++ b/quark.c
@@ -841,6 +841,7 @@ static int
 getusock(char *udsname)
 {
 	struct sockaddr_un addr;
+	size_t udsnamelen;
 	int insock;
 
 	if ((insock = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
@@ -849,7 +850,11 @@ getusock(char *udsname)
 
 	memset(&addr, 0, sizeof(addr));
 	addr.sun_family = AF_UNIX;
-	strncpy(addr.sun_path, udsname, sizeof(addr.sun_path) - 1);
+
+	if ((udsnamelen = strlen(udsname)) > sizeof(addr.sun_path) - 1) {
+		die("%s: UNIX-domain socket name truncated\n", argv0);
+	}
+	memcpy(addr.sun_path, udsname, udsnamelen + 1);
 
 	unlink(udsname);