fix(socket-util): remove unnecessary variable and ensure NUL termination#69
Conversation
…ion in getpeersec() socket-util: remove unnecessary variable (fccad706) socket-util: make sure SO_PEERSEC returned string is always NUL terminated (989740eb) Changes: - Add debian/patches/fix-socket-util-remove-variable-ensure-nul-termination.patch - Modify debian/patches/series - Modify debian/changelog Upstream: systemd/systemd#30563 Generated-By: glm-5-turbo Co-Authored-By: deepin-ci-robot <packages@deepin.org>
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
TAG Bot TAG: 255.2-4deepin37 |
|
Patch 1/2 — getpeersec NUL 终止 SO_PEERSEC 返回的是 LSM(如 SELinux)的安全标签字符串。getsockopt 不保证一定会在字符串末尾写入 \0,这取决于具体的 LSM 实现。加上 s[n] = 0 是防御性编程,确保字符串一定以 NUL 结尾,避免后续字符串操作越界读。 Patch 2/2 — getpeercred 删除多余变量 |
|
TAG Bot New tag: 255.2-4deepin37 |
Summary
Backport upstream PR systemd/systemd#30563 (two minor tweaks to socket-util.c):
ringetpeercred(), directly inline thegetsockoptcall.getsockopt(fd, SOL_SOCKET, SO_PEERSEC, ...)to be safe against LSMs that may not NUL-terminate the returned string.Changes
debian/patches/fix-socket-util-remove-variable-ensure-nul-termination.patchdebian/patches/seriesdebian/changelogUpstream
systemd/systemd#30563
Generated-By: glm-5-turbo