Fix abstract name handling to be binary safe

Per unix(7):
abstract: an abstract socket address is distinguished (from a
pathname socket) by the fact that sun_path[0] is a null byte
('\0').  The socket's address in this namespace is given by the
additional bytes in sun_path that are covered by the specified
length of the address structure.  (Null bytes in the name have no
special significance.)  The name has no connection with filesystem
pathnames.  When the address of an abstract socket is returned,
the returned addrlen is greater than sizeof(sa_family_t) (i.e.,
greater than 2), and the name of the socket is contained in the
first (addrlen - sizeof(sa_family_t)) bytes of sun_path.

The existing implementation was assuming significance in null bytes
contained in the abstract address identifier.

diff --git a/main/network.c b/main/network.c
index 076608c37f0ae0195ca2e0eb18ce063594d17157..6b04a0701f74edb2009afce6a0fd5a1695aff157 100644 (file)
--- a/main/network.c
+++ b/main/network.c
@@ -656,7 +656,7 @@ PHPAPI void php_network_populate_name_from_sockaddr(
 
                                        if (ua->sun_path[0] == '\0') {
                                                /* abstract name */
-                                               int len = strlen(ua->sun_path + 1) + 1;
+                                               int len = sl - sizeof(sa_family_t);
                                                *textaddr = zend_string_init((char*)ua->sun_path, len, 0);
                                        } else {
                                                int len = strlen(ua->sun_path);