From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 15 Aug 2019 07:34:05 +0000 (+0200)
Subject: varlink: move connection fds > fd2
X-Git-Tag: v244-rc1~3^2~3
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a0c41de277234b57bbcd6a315c9fcc5ec64e9f7c;p=thirdparty%2Fsystemd.git

varlink: move connection fds > fd2

We want to use this code in NSS modules, and we never know the execution
environment we are run in there, hence let's move our fds up to ensure
we won't step into dangerous fd territory.

This is similar to how we already do it in sd-bus for client connection
fds.
---

diff --git a/src/shared/varlink.c b/src/shared/varlink.c
index 7a566762fa6..a23525b0a45 100644
--- a/src/shared/varlink.c
+++ b/src/shared/varlink.c
@@ -287,6 +287,8 @@ int varlink_connect_address(Varlink **ret, const char *address) {
         if (v->fd < 0)
                 return -errno;
 
+        v->fd = fd_move_above_stdio(v->fd);
+
         if (connect(v->fd, &sockaddr.sa, SOCKADDR_UN_LEN(sockaddr.un)) < 0) {
                 if (!IN_SET(errno, EAGAIN, EINPROGRESS))
                         return -errno;
@@ -2220,6 +2222,8 @@ int varlink_server_listen_address(VarlinkServer *s, const char *address, mode_t
         if (fd < 0)
                 return -errno;
 
+        fd = fd_move_above_stdio(fd);
+
         (void) sockaddr_un_unlink(&sockaddr.un);
 
         RUN_WITH_UMASK(~m & 0777)