util: define initializer for 'struct ucred' that properly invalidates all fields
authorLennart Poettering <lennart@poettering.net>
Mon, 11 Oct 2021 13:25:14 +0000 (15:25 +0200)
committerLennart Poettering <lennart@poettering.net>
Mon, 11 Oct 2021 13:37:37 +0000 (15:37 +0200)
i.e. let's make sure to initialize uid/gid to UID_INVALID + GID_INVALID
instead of zero.

src/basic/socket-util.c
src/basic/socket-util.h
src/journal/journald-stream.c
src/libsystemd/sd-bus/sd-bus.c
src/libsystemd/sd-login/sd-login.c
src/shared/varlink.c

index 1e66f8700bcedff465a9604069b6609a0a4075f1..94ae90929a18c684b314561755f13a6ed00a8ea1 100644 (file)
@@ -551,7 +551,7 @@ int getpeername_pretty(int fd, bool include_port, char **ret) {
                 return -errno;
 
         if (sa.sa.sa_family == AF_UNIX) {
-                struct ucred ucred = {};
+                struct ucred ucred = UCRED_INVALID;
 
                 /* UNIX connection sockets are anonymous, so let's use
                  * PID/UID as pretty credentials instead */
index cb4a92236fa1fe9ed4701204bfd7645a892cc2e4..c4fafa084b7f06809a3f1944bf1ba601ebd6c603 100644 (file)
@@ -327,3 +327,6 @@ static inline int socket_set_recvfragsize(int fd, int af, bool b) {
 }
 
 int socket_get_mtu(int fd, int af, size_t *ret);
+
+/* an initializer for struct ucred that initialized all fields to the invalid value appropriate for each */
+#define UCRED_INVALID { .pid = 0, .uid = UID_INVALID, .gid = GID_INVALID }
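Review bot: `UCRED_INVALID` expands to `UID_INVALID` and `GID_INVALID`, but nothing in this hunk makes socket-util.h provide those names. The same commit adds `#include "user-util.h"` to journald-stream.c, which suggests each user of the macro has to pull that header in itself. Either include `user-util.h` from socket-util.h or state the requirement in the comment; the rest of the header is outside the hunk, so this may already be covered. The comment should also say why pid is 0 while uid/gid are not, since a zeroed uid/gid reads as root, for example `/* An initializer for struct ucred that sets each field to its invalid value: pid 0, UID_INVALID, GID_INVALID (uid/gid 0 would mean root) */`, which also fixes "initialized" to "initializes".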
index 0a90091a86335c0fce27b6b55eea1093b21e7eba..cbff5036a422dde72fee78e9b6ac18ffbdcad442 100644 (file)
@@ -36,6 +36,7 @@
 #include "syslog-util.h"
 #include "tmpfile-util.h"
 #include "unit-name.h"
+#include "user-util.h"
 
 #define STDOUT_STREAMS_MAX 4096
 
@@ -663,6 +664,7 @@ int stdout_stream_install(Server *s, int fd, StdoutStream **ret) {
         *stream = (StdoutStream) {
                 .fd = -1,
                 .priority = LOG_INFO,
+                .ucred = UCRED_INVALID,
         };
 
         xsprintf(stream->id_field, "_STREAM_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(id));
@@ -727,9 +729,9 @@ static int stdout_stream_new(sd_event_source *es, int listen_fd, uint32_t revent
         }
 
         if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
-                struct ucred u;
+                struct ucred u = UCRED_INVALID;
 
-                r = getpeercred(fd, &u);
+                (void) getpeercred(fd, &u);
 
                 /* By closing fd here we make sure that the client won't wait too long for journald to
                  * gather all the data it adds to the error message to find out that the connection has
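Review bot: Dropping the `r < 0 ? 0 : u.pid` guard is only safe if `getpeercred()` leaves `*u` untouched on failure, and that contract is not visible in this diff. If it can write a partial result before returning an error, the `u.pid` passed to `server_driver_message()` in the following hunk would attribute the "Too many stdout streams" log entry to the wrong process. Add a comment on the call, such as `/* best effort: on failure u stays UCRED_INVALID, i.e. pid 0 */`, so the dependency is explicit. Whether `r` is still used elsewhere in stdout_stream_new cannot be seen, because the function starts and ends outside the hunk.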
@@ -737,7 +739,7 @@ static int stdout_stream_new(sd_event_source *es, int listen_fd, uint32_t revent
                  */
                 fd = safe_close(fd);
 
-                server_driver_message(s, r < 0 ? 0 : u.pid, NULL, LOG_MESSAGE("Too many stdout streams, refusing connection."), NULL);
+                server_driver_message(s, u.pid, NULL, LOG_MESSAGE("Too many stdout streams, refusing connection."), NULL);
                 return 0;
         }
 
index 80f2bdd87f370e750975c04781ee01309c213f61..d8a7c817648d741da3e411ef74f8ad9e40625b75 100644 (file)
@@ -249,6 +249,7 @@ _public_ int sd_bus_new(sd_bus **ret) {
                 .original_pid = getpid_cached(),
                 .n_groups = SIZE_MAX,
                 .close_on_exit = true,
+                .ucred = UCRED_INVALID,
         };
 
         /* We guarantee that wqueue always has space for at least one entry */
index d127443c4c0f9b8518743c91c1965b1cae1c131b..4a35e6142579a9e96413c193b5d8632c6316b722 100644 (file)
@@ -136,7 +136,7 @@ _public_ int sd_pid_get_cgroup(pid_t pid, char **cgroup) {
 }
 
 _public_ int sd_peer_get_session(int fd, char **session) {
-        struct ucred ucred = {};
+        struct ucred ucred = UCRED_INVALID;
         int r;
 
         assert_return(fd >= 0, -EBADF);
index 07a1b96f6013189536b3598ef12505204f07154b..984dea1ff56ae151d956e28bf59adf87b6b44ce8 100644 (file)
@@ -258,8 +258,7 @@ static int varlink_new(Varlink **ret) {
 
                 .state = _VARLINK_STATE_INVALID,
 
-                .ucred.uid = UID_INVALID,
-                .ucred.gid = GID_INVALID,
+                .ucred = UCRED_INVALID,
 
                 .timestamp = USEC_INFINITY,
                 .timeout = VARLINK_DEFAULT_TIMEOUT_USEC
@@ -2106,8 +2105,8 @@ static int count_connection(VarlinkServer *server, struct ucred *ucred) {
 
 int varlink_server_add_connection(VarlinkServer *server, int fd, Varlink **ret) {
         _cleanup_(varlink_unrefp) Varlink *v = NULL;
+        struct ucred ucred = UCRED_INVALID;
         bool ucred_acquired;
-        struct ucred ucred;
         int r;
 
         assert_return(server, -EINVAL);