Re: systemd CVE-2016-7796
Ben Hutchings <firstname.lastname@example.org> writes:
> The upstream patch doesn't change the n == 0 case and I don't think
> this backport should either. The comment belongs at the bottom of this
> Upstream version 219 changed the above if-statement to check for n < 0,
> but that doesn't seem to have been quite correct. The version in
> unstable has these patches to handle n == 0 properly:
Unless I am mistaken, I believe the comment in this code means we can't
return any errors ever, even for the case where if n==0, where the
wheezy code returns -EIO. So I moved the comment to try and clarify why
I changed this.
However, maybe the correct response is not to treat n==0 as a special
case and continue with the code as normal? This seems to be what the
above patches do.
>> if (n >= 0)
>> - return -EIO;
>> + return 0;
>> if (errno == EAGAIN || errno == EINTR)
>> + log_error("Failed to receive notification message: %m");
> Missing braces.
Ooops. Probably obvious I have programmed more in Python then C lately
Brian May <email@example.com>