From: Jeff Layton
Date: Wed, 28 Jan 2026 13:25:10 +0000 (-0500)
Subject: pidfd/cgroup-util: use fully-sized filehandle buffers
X-Git-Tag: v260-rc1~296
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=eb2e91b9815bcbc59997c1092d7b52fc18930bff;p=thirdparty%2Fsystemd.git

pidfd/cgroup-util: use fully-sized filehandle buffers

The current code assumes that FILEID_KERNFS filehandles will never grow in size. This is not a safe assumption and userland shouldn't be trying to guess the size of the filehandle it'll get. We have a macro for that: MAX_HANDLE_SZ.
---

diff --git a/src/basic/cgroup-util.c b/src/basic/cgroup-util.c
index 2a7bfb3a019..6fb4d559589 100644
--- a/src/basic/cgroup-util.c
+++ b/src/basic/cgroup-util.c
@@ -38,7 +38,7 @@
 /* The structure to pass to name_to_handle_at() on cgroupfs2 */
 typedef union {
 struct file_handle file_handle;
- uint8_t space[offsetof(struct file_handle, f_handle) + sizeof(uint64_t)];
+ uint8_t space[MAX_HANDLE_SZ];
 } cg_file_handle;

 #define CG_FILE_HANDLE_INIT \
diff --git a/src/basic/pidfd-util.c b/src/basic/pidfd-util.c
index d1ae1c5893d..8c4c8324529 100644
--- a/src/basic/pidfd-util.c
+++ b/src/basic/pidfd-util.c
@@ -239,7 +239,7 @@ int pidfd_get_inode_id_impl(int fd, uint64_t *ret) {
 if (file_handle_supported) {
 union {
 struct file_handle file_handle;
- uint8_t space[offsetof(struct file_handle, f_handle) + sizeof(uint64_t)];
+ uint8_t space[MAX_HANDLE_SZ];
 } fh = {
 .file_handle.handle_bytes = sizeof(uint64_t),
 .file_handle.handle_type = FILEID_KERNFS,
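Review bot: `uint8_t space[MAX_HANDLE_SZ];` in the `cg_file_handle` union makes the whole union MAX_HANDLE_SZ bytes, but `handle_bytes` and `handle_type` sit in front of `f_handle`, so the payload area ends up `offsetof(struct file_handle, f_handle)` bytes short of a full-sized handle. name_to_handle_at(2) describes MAX_HANDLE_SZ as the maximum size of the handle payload, so a caller that later advertises `handle_bytes = MAX_HANDLE_SZ` would let the kernel write past the end of the union. I would size it as `uint8_t space[offsetof(struct file_handle, f_handle) + MAX_HANDLE_SZ];`. The same applies to the anonymous union in `pidfd_get_inode_id_impl()` in src/basic/pidfd-util.c. The body of `CG_FILE_HANDLE_INIT` continues outside the hunk, so how `handle_bytes` is set there is not visible.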
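Review bot: The initializer directly below the enlarged `space[]` still sets `.file_handle.handle_bytes = sizeof(uint64_t)`, so the kernel is still told that only 8 bytes of handle fit and the extra room is never offered to it. A larger FILEID_KERNFS handle would presumably be refused with EOVERFLOW rather than returned, which is the situation the commit message sets out to avoid. Consider deriving the advertised size from the buffer, e.g. `.file_handle.handle_bytes = sizeof(fh) - offsetof(struct file_handle, f_handle),`, and checking the returned `handle_bytes` before a `uint64_t` is read out of `f_handle`. The rest of `pidfd_get_inode_id_impl()` lies outside the hunk and may already do that check. `CG_FILE_HANDLE_INIT` in cgroup-util.c, whose body is also not shown, likely deserves the same look.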