From 3691bcf3c5eebdcca5b4f1c51c745441c57a6cd1 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 23 Apr 2020 09:40:03 +0200 Subject: tree-wide: use recvmsg_safe() at various places Let's be extra careful whenever we return from recvmsg() and see MSG_CTRUNC set. This generally means we ran into a programming error, as we didn't size the control buffer large enough. It's an error condition we should at least log about, or propagate up. Hence do that. This is particularly important when receiving fds, since for those the control data can be of any size. In particular on stream sockets that's nasty, because if we miss an fd because of control data truncation we cannot recover, we might not even realize that we are one off. (Also, when failing early, if there's any chance the socket might be AF_UNIX let's close all received fds, all the time. We got this right most of the time, but there were a few cases missing. God, UNIX is hard to use) --- src/udev/udev-ctrl.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'src/udev/udev-ctrl.c') diff --git a/src/udev/udev-ctrl.c b/src/udev/udev-ctrl.c index b8c0d83a02..d067279f3e 100644 --- a/src/udev/udev-ctrl.c +++ b/src/udev/udev-ctrl.c @@ -212,13 +212,11 @@ static int udev_ctrl_connection_event_handler(sd_event_source *s, int fd, uint32 if (size == 0) return 0; /* Client disconnects? */ - size = recvmsg(fd, &smsg, 0); - if (size < 0) { - if (errno != EINTR) - return log_error_errno(errno, "Failed to receive ctrl message: %m"); - + size = recvmsg_safe(fd, &smsg, 0); + if (size == -EINTR) return 0; - } + if (size < 0) + return log_error_errno(size, "Failed to receive ctrl message: %m"); cmsg_close_all(&smsg); -- cgit v1.2.1