From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 23 Nov 2023 17:05:04 +0000 (+0100)
Subject: socket-util: make sure SO_PEERSEC returned string is always NUL terminated
X-Git-Tag: v256-rc1~1435^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=989740ebc4c9642494f9d196dc113744ddcabb0f;p=thirdparty%2Fsystemd.git

socket-util: make sure SO_PEERSEC returned string is always NUL terminated

it's not entirely clear to me if the manual NUL termination is
necessary, but let's better be safe than sorry, since this is apparently
up to the LSMs, and I am not sure we can trust them all.

A lot of other code (such as dbus-broker) patches in the NUL byte, hence
let's be rather safe-then-sorry, it's trivial after all.
---

diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c
index beb64d8e6c7..47d83f3710f 100644
--- a/src/basic/socket-util.c
+++ b/src/basic/socket-util.c
@@ -907,8 +907,10 @@ int getpeersec(int fd, char **ret) {
                 if (!s)
                         return -ENOMEM;
 
-                if (getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n) >= 0)
+                if (getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n) >= 0) {
+                        s[n] = 0;
                         break;
+                }
 
                 if (errno != ERANGE)
                         return -errno;