From: Yu Watanabe Date: Fri, 25 Jul 2025 17:06:45 +0000 (+0900) Subject: core/exec-invoke: check size of read size X-Git-Tag: v258-rc2~81^2~8 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1f4e9f6d605f9cee7ef43373cd307ffb1445e562;p=thirdparty%2Fsystemd.git core/exec-invoke: check size of read size Even though we do not use the read data, it is better to check the size to prevent something spurious going. Fixes CID#1612155. --- diff --git a/src/core/exec-invoke.c b/src/core/exec-invoke.c index dbac2958243..56facd94c3f 100644 --- a/src/core/exec-invoke.c +++ b/src/core/exec-invoke.c @@ -2244,8 +2244,11 @@ static int setup_private_users_child(int unshare_ready_fd, const char *uid_map, /* Wait until the parent unshared the user namespace */ uint64_t c; - if (read(unshare_ready_fd, &c, sizeof(c)) < 0) + ssize_t n = read(unshare_ready_fd, &c, sizeof(c)); + if (n < 0) return log_debug_errno(errno, "Failed to read from signaling eventfd: %m"); + if (n != sizeof(c)) + return log_debug_errno(SYNTHETIC_ERRNO(EIO), "Short read from signaling eventfd."); /* Disable the setgroups() system call in the child user namespace, for good, unless PrivateUsers=full * and using the system service manager. */