varlink: move connection fds > fd2

We want to use this code in NSS modules, and we never know the execution environment we are run in there, hence let's move our fds up to ensure we won't step into dangerous fd territory. This is similar to how we already do it in sd-bus for client connection fds.
author: Lennart Poettering <lennart@poettering.net> 2019-08-15 09:34:05 +0200
committer: Lennart Poettering <lennart@poettering.net> 2019-11-22 10:54:52 +0100
commit: a0c41de277234b57bbcd6a315c9fcc5ec64e9f7c (patch)
tree: 646c6b9d6586e63ef6e53f402a422404fb1efc04
parent: 45a6c965986d484bd1d7d7d1978dbf0d82baec69 (diff)
download: systemd-a0c41de277234b57bbcd6a315c9fcc5ec64e9f7c.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/src/shared/varlink.c b/src/shared/varlink.c
index 7a566762fa..a23525b0a4 100644
--- a/src/shared/varlink.c
+++ b/src/shared/varlink.c
@@ -287,6 +287,8 @@ int varlink_connect_address(Varlink **ret, const char *address) {
         if (v->fd < 0)
                 return -errno;
 
+        v->fd = fd_move_above_stdio(v->fd);
+
         if (connect(v->fd, &sockaddr.sa, SOCKADDR_UN_LEN(sockaddr.un)) < 0) {
                 if (!IN_SET(errno, EAGAIN, EINPROGRESS))
                         return -errno;
@@ -2220,6 +2222,8 @@ int varlink_server_listen_address(VarlinkServer *s, const char *address, mode_t
         if (fd < 0)
                 return -errno;
 
+        fd = fd_move_above_stdio(fd);
+
         (void) sockaddr_un_unlink(&sockaddr.un);
 
         RUN_WITH_UMASK(~m & 0777)
author	Lennart Poettering <lennart@poettering.net>	2019-08-15 09:34:05 +0200
committer	Lennart Poettering <lennart@poettering.net>	2019-11-22 10:54:52 +0100
commit	a0c41de277234b57bbcd6a315c9fcc5ec64e9f7c (patch)
tree	646c6b9d6586e63ef6e53f402a422404fb1efc04
parent	45a6c965986d484bd1d7d7d1978dbf0d82baec69 (diff)
download	systemd-a0c41de277234b57bbcd6a315c9fcc5ec64e9f7c.tar.gz