From 5279acb58d9df0b136f4d2931e7b88c1c09a966a Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Mon, 16 Jun 2025 10:52:26 +0200
Subject: [PATCH] vmspawn: tighten parser of EXIT_STATUS=

The EXIT_STATUS is supposed to encapuslate an ANSI C process exit
status, which is 8bit unsigned. Hence parse it as such, do not accept
negative values, or values > 255.
---
 src/vmspawn/vmspawn.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/vmspawn/vmspawn.c b/src/vmspawn/vmspawn.c
index 0a3ac892556..a3dd1432b28 100644
--- a/src/vmspawn/vmspawn.c
+++ b/src/vmspawn/vmspawn.c
@@ -727,9 +727,12 @@ static int read_vsock_notify(NotifyConnectionData *d, int fd) {
 
         p = strv_find_startswith(tags, "EXIT_STATUS=");
         if (p) {
-                r = safe_atoi(p, d->exit_status);
+                uint8_t k = 0;
+                r = safe_atou8(p, &k);
                 if (r < 0)
                         log_warning_errno(r, "Failed to parse exit status from %s, ignoring: %m", p);
+                else
+                        *d->exit_status = k;
         }
 
         return 1; /* done */
-- 
2.47.3