git-commit-vandalism/unix-socket.h
Jeff Hostetler 77e522caae unix-socket: disallow chdir() when creating unix domain sockets
Calls to `chdir()` are dangerous in a multi-threaded context.  If
`unix_stream_listen()` or `unix_stream_connect()` is given a socket
pathname that is too long to fit in a `sockaddr_un` structure, it will
`chdir()` to the parent directory of the requested socket pathname,
create the socket using a relative pathname, and then `chdir()` back.
This is not thread-safe.

Teach `unix_sockaddr_init()` to not allow calls to `chdir()` when this
flag is set.

Signed-off-by: Jeff Hostetler <jeffhost@microsoft.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2021-03-15 14:32:51 -07:00

16 lines
370 B
C

#ifndef UNIX_SOCKET_H
#define UNIX_SOCKET_H
struct unix_stream_listen_opts {
int listen_backlog_size;
unsigned int disallow_chdir:1;
};
#define UNIX_STREAM_LISTEN_OPTS_INIT { 0 }
int unix_stream_connect(const char *path, int disallow_chdir);
int unix_stream_listen(const char *path,
const struct unix_stream_listen_opts *opts);
#endif /* UNIX_SOCKET_H */