From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 7 Oct 2016 10:12:10 +0000 (+0200)
Subject: manager: be stricter with incomining notifications, warn properly about too large... 
X-Git-Tag: v232~138^2~2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=045a3d5989f7565dc496013a9e96d95d86a12cc8;p=thirdparty%2Fsystemd.git

manager: be stricter with incomining notifications, warn properly about too large ones

Let's make the kernel let us know the full, original datagram size of the
incoming message. If it's larger than the buffer space provided by us, drop the
whole message with a warning.

Before this change the kernel would truncate the message for us to the buffer
space provided, and we'd not complain about this, and simply process the
incomplete message as far as it made sense.
---

diff --git a/src/core/manager.c b/src/core/manager.c
index ab65d630a16..66b8904e4ef 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1720,7 +1720,7 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
                 return 0;
         }
 
-        n = recvmsg(m->notify_fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
+        n = recvmsg(m->notify_fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC|MSG_TRUNC);
         if (n < 0) {
                 if (IN_SET(errno, EAGAIN, EINTR))
                         return 0; /* Spurious wakeup, try again */
@@ -1761,7 +1761,7 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
                 return 0;
         }
 
-        if ((size_t) n >= sizeof(buf)) {
+        if ((size_t) n >= sizeof(buf) || (msghdr.msg_flags & MSG_TRUNC)) {
                 log_warning("Received notify message exceeded maximum size. Ignoring.");
                 return 0;
         }