diff options
| author | Daan De Meyer <daan.j.demeyer@gmail.com> | 2022-07-15 01:49:25 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2022-07-15 11:06:18 +0200 |
| commit | 1f9d2a8199c261593aa6a11df9cce5d31e23c714 (patch) | |
| tree | 817424a706251d32b2320100995394461928c5b2 /src/coredump | |
| parent | 5eab88a569c1bb5f79093f38e872e588d64a2b26 (diff) | |
| download | systemd-1f9d2a8199c261593aa6a11df9cce5d31e23c714.tar.gz | |
coredump: Connect stdout/stderr to /dev/null before doing anything
When invoked as the coredump handler by the kernel, systemd-coredump's
stdout and stderr streams are closed. This is dangerous as this means
the fd's can get reallocated, leading to hard to debug errors such as
log messages ending up being appended to a compressed coredump file.
To avoid such issues in the future, let's bind stdout/stderr to
/dev/null so the file descriptors can't get used for anything else.
Diffstat (limited to 'src/coredump')
| -rw-r--r-- | src/coredump/coredump.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c index 994d968d87..10a96ab568 100644 --- a/src/coredump/coredump.c +++ b/src/coredump/coredump.c @@ -1271,6 +1271,13 @@ static int process_kernel(int argc, char* argv[]) { struct iovec_wrapper *iovw; int r; + /* When we're invoked by the kernel, stdout/stderr are closed which is dangerous because the fds + * could get reallocated. To avoid hard to debug issues, let's instead bind stdout/stderr to + * /dev/null. */ + r = rearrange_stdio(STDIN_FILENO, -1, -1); + if (r < 0) + return log_error_errno(r, "Failed to connect stdout/stderr to /dev/null: %m"); + log_debug("Processing coredump received from the kernel..."); iovw = iovw_new(); |