diff options
author | Lennart Poettering <lennart@poettering.net> | 2016-10-07 12:12:10 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2016-10-07 12:12:10 +0200 |
commit | 045a3d5989f7565dc496013a9e96d95d86a12cc8 (patch) | |
tree | 877e8bf9839fc4476a0e3a6611c5926e3b0dd34e | |
parent | c55ae51e77e1fc56fde7bc3466dd2021ff3856cb (diff) |
manager: be stricter with incomining notifications, warn properly about too large ones
Let's make the kernel let us know the full, original datagram size of the
incoming message. If it's larger than the buffer space provided by us, drop the
whole message with a warning.
Before this change the kernel would truncate the message for us to the buffer
space provided, and we'd not complain about this, and simply process the
incomplete message as far as it made sense.
-rw-r--r-- | src/core/manager.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/core/manager.c b/src/core/manager.c index ab65d630a1..66b8904e4e 100644 --- a/src/core/manager.c +++ b/src/core/manager.c @@ -1720,7 +1720,7 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t return 0; } - n = recvmsg(m->notify_fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC); + n = recvmsg(m->notify_fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC|MSG_TRUNC); if (n < 0) { if (IN_SET(errno, EAGAIN, EINTR)) return 0; /* Spurious wakeup, try again */ @@ -1761,7 +1761,7 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t return 0; } - if ((size_t) n >= sizeof(buf)) { + if ((size_t) n >= sizeof(buf) || (msghdr.msg_flags & MSG_TRUNC)) { log_warning("Received notify message exceeded maximum size. Ignoring."); return 0; } |