shared: introduce cmsg_close_all() call

The call iterates through cmsg list and closes all fds passed via
SCM_RIGHTS.

This patch also ensures the call is used wherever appropriate, where we
might get spurious fds sent and we should better close them, then leave
them lying around.

Signed-off-by: Anthony G. Basile <blueness@gentoo.org>

3 files changed, 15 insertions, 0 deletions

diff --git a/src/shared/util.c b/src/shared/util.c
index 0eca4f8562..dc05001a28 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -1696,3 +1696,13 @@ int execute_command(const char *command, char *const argv[]) {
 
         }
 }
+
+void cmsg_close_all(struct msghdr *mh) {
+        struct cmsghdr *cmsg;
+
+        assert(mh);
+
+        for (cmsg = CMSG_FIRSTHDR(mh); cmsg; cmsg = CMSG_NXTHDR(mh, cmsg))
+                if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS)
+                        close_many((int*) CMSG_DATA(cmsg), (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int));
+}
diff --git a/src/shared/util.h b/src/shared/util.h
index 9458a1942f..e9d9df1386 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -485,3 +485,5 @@ union inotify_event_buffer {
         struct inotify_event ev;
         uint8_t raw[INOTIFY_EVENT_MAX];
 };
+
+void cmsg_close_all(struct msghdr *mh);
diff --git a/src/udev/udev-ctrl.c b/src/udev/udev-ctrl.c
index 2d8149e820..a4cc306491 100644
--- a/src/udev/udev-ctrl.c
+++ b/src/udev/udev-ctrl.c
@@ -399,6 +399,9 @@ struct udev_ctrl_msg *udev_ctrl_receive_msg(struct udev_ctrl_connection *conn) {
                 log_error_errno(errno, "unable to receive ctrl message: %m");
                 goto err;
         }
+
+        cmsg_close_all(&smsg);
+
         cmsg = CMSG_FIRSTHDR(&smsg);
         cred = (struct ucred *) CMSG_DATA(cmsg);