From 917624edf0d0ccfba9ec0d8940dd72363298c6d1 Mon Sep 17 00:00:00 2001 From: npt-1707 Date: Wed, 23 Apr 2025 02:35:09 +0800 Subject: [PATCH] Fix issue of listen before chmod on Unix sockets (CVE-2023-45145) --- src/anet.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/anet.c b/src/anet.c index c47853867..ca460f6f3 100644 --- a/src/anet.c +++ b/src/anet.c @@ -411,13 +411,16 @@ int anetUnixGenericConnect(char *err, const char *path, int flags) return s; } -static int anetListen(char *err, int s, struct sockaddr *sa, socklen_t len, int backlog) { +static int anetListen(char *err, int s, struct sockaddr *sa, socklen_t len, int backlog, mode_t perm) { if (bind(s,sa,len) == -1) { anetSetError(err, "bind: %s", strerror(errno)); close(s); return ANET_ERR; } + if (sa->sa_family == AF_LOCAL && perm) + chmod(((struct sockaddr_un *) sa)->sun_path, perm); + if (listen(s, backlog) == -1) { anetSetError(err, "listen: %s", strerror(errno)); close(s); @@ -462,7 +465,7 @@ static int _anetTcpServer(char *err, int port, const char *bindaddr, int af, int if (af == AF_INET6 && anetV6Only(err,s) == ANET_ERR) goto error; if (anetSetReuseAddr(err,s) == ANET_ERR) goto error; if (fReusePort && !fFirstListen && anetSetReusePort(err,s) == ANET_ERR) goto error; - if (anetListen(err,s,p->ai_addr,p->ai_addrlen,backlog) == ANET_ERR) { + if (anetListen(err,s,p->ai_addr,p->ai_addrlen,backlog,0) == ANET_ERR) { s = ANET_ERR; goto end; } @@ -503,10 +506,8 @@ int anetUnixServer(char *err, char *path, mode_t perm, int backlog) memset(&sa,0,sizeof(sa)); sa.sun_family = AF_LOCAL; strncpy(sa.sun_path,path,sizeof(sa.sun_path)-1); - if (anetListen(err,s,(struct sockaddr*)&sa,sizeof(sa),backlog) == ANET_ERR) + if (anetListen(err,s,(struct sockaddr*)&sa,sizeof(sa),backlog,perm) == ANET_ERR) return ANET_ERR; - if (perm) - chmod(sa.sun_path, perm); return s; }