diff options
| author | Demi Marie Obenour <demiobenour@gmail.com> | 2025-07-29 19:20:59 -0400 |
|---|---|---|
| committer | Alan Coopersmith <alan.coopersmith@oracle.com> | 2025-08-30 12:19:44 -0700 |
| commit | e81b999a727d3c8ee9b83adb7c1c822f67378687 (patch) | |
| tree | 8d34f3674ff0e3ac2925368a99cfe2eb26144c5d | |
| parent | 5374250ca3322d95c23917476b9dce81ea3f4bce (diff) | |
Abstract sockets support is an unfixable security risk. Get rid of it.
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
Part-of: <https://gitlab.freedesktop.org/xorg/lib/libxcb/-/merge_requests/66>
| -rw-r--r-- | configure.ac | 3 | ||||
| -rw-r--r-- | src/xcb_util.c | 46 |
2 files changed, 1 insertions, 48 deletions
diff --git a/configure.ac b/configure.ac index 4e6f028..a90d71f 100644 --- a/configure.ac +++ b/configure.ac @@ -144,9 +144,6 @@ mingw*) have_win32="yes" lt_enable_auto_import="-Wl,--enable-auto-import" ;; -linux*) - AC_DEFINE([HAVE_ABSTRACT_SOCKETS], 1, [Define if your platform supports abstract sockets]) - ;; esac AC_SUBST(lt_enable_auto_import) diff --git a/src/xcb_util.c b/src/xcb_util.c index 017583e..55771b3 100644 --- a/src/xcb_util.c +++ b/src/xcb_util.c @@ -242,9 +242,6 @@ static int _xcb_open_tcp(const char *host, char *protocol, const unsigned short #ifndef _WIN32 static int _xcb_open_unix(char *protocol, const char *file); #endif /* !WIN32 */ -#ifdef HAVE_ABSTRACT_SOCKETS -static int _xcb_open_abstract(char *protocol, const char *file, size_t filelen); -#endif static int _xcb_open(const char *host, char *protocol, const int display) { @@ -257,7 +254,6 @@ static int _xcb_open(const char *host, char *protocol, const int display) const char *base = unix_base; size_t filelen; char *file = NULL; - int actual_filelen; #ifndef _WIN32 if (protocol && strcmp("unix", protocol) == 0 && host && host[0] == '/') { @@ -269,7 +265,6 @@ static int _xcb_open(const char *host, char *protocol, const int display) if (file == NULL) return -1; memcpy(file, host, filelen); - actual_filelen = (int)(filelen - 1); } else { #endif /* If protocol or host is "unix", fall through to Unix socket code below */ @@ -305,23 +300,11 @@ static int _xcb_open(const char *host, char *protocol, const int display) return -1; /* display specifies Unix socket */ - actual_filelen = snprintf(file, filelen, "%s%d", base, display); - - if(actual_filelen < 0) + if (snprintf(file, filelen, "%s%d", base, display) < 0) { free(file); return -1; } - /* snprintf may truncate the file */ - filelen = MIN(actual_filelen, filelen - 1); -#ifdef HAVE_ABSTRACT_SOCKETS - fd = _xcb_open_abstract(protocol, file, filelen); - if (fd >= 0 || (errno != ENOENT && errno != ECONNREFUSED)) - { - free(file); - return fd; - } -#endif } fd = _xcb_open_unix(protocol, file); free(file); @@ -492,33 +475,6 @@ static int _xcb_open_unix(char *protocol, const char *file) } #endif /* !_WIN32 */ -#ifdef HAVE_ABSTRACT_SOCKETS -static int _xcb_open_abstract(char *protocol, const char *file, size_t filelen) -{ - int fd; - struct sockaddr_un addr = {0}; - socklen_t namelen; - - if (protocol && strcmp("unix",protocol)) - return -1; - - strcpy(addr.sun_path + 1, file); - addr.sun_family = AF_UNIX; - namelen = offsetof(struct sockaddr_un, sun_path) + 1 + filelen; -#ifdef HAVE_SOCKADDR_SUN_LEN - addr.sun_len = 1 + filelen; -#endif - fd = _xcb_socket(AF_UNIX, SOCK_STREAM, 0); - if (fd == -1) - return -1; - if (connect(fd, (struct sockaddr *) &addr, namelen) == -1) { - close(fd); - return -1; - } - return fd; -} -#endif - xcb_connection_t *xcb_connect(const char *displayname, int *screenp) { return xcb_connect_to_display_with_auth_info(displayname, NULL, screenp); |