s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_peer_addr()

This caused crashes in _tsocket_address_bsd_from_sockaddr() when we
read past the end of the allocation.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

1 files changed, 2 insertions, 2 deletions

diff --git a/source4/lib/socket/socket_unix.c b/source4/lib/socket/socket_unix.c
index 0774b12b93..3aa5440242 100644
--- a/source4/lib/socket/socket_unix.c
+++ b/source4/lib/socket/socket_unix.c
@@ -323,7 +323,7 @@ static char *unixdom_get_peer_name(struct socket_context *sock, TALLOC_CTX *mem_
 
 static struct socket_address *unixdom_get_peer_addr(struct socket_context *sock, TALLOC_CTX *mem_ctx)
 {
-	struct sockaddr_in *peer_addr;
+	struct sockaddr_un *peer_addr;
 	socklen_t len = sizeof(*peer_addr);
 	struct socket_address *peer;
 	int ret;
@@ -334,7 +334,7 @@ static struct socket_address *unixdom_get_peer_addr(struct socket_context *sock,
 	}
 	
 	peer->family = sock->backend_name;
-	peer_addr = talloc(peer, struct sockaddr_in);
+	peer_addr = talloc(peer, struct sockaddr_un);
 	if (!peer_addr) {
 		talloc_free(peer);
 		return NULL;