[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: systemd CVE-2016-7796

Ben Hutchings <ben@decadent.org.uk> writes:

> The upstream patch doesn't change the n == 0 case and I don't think
> this backport should either.  The comment belongs at the bottom of this
> block.
> Upstream version 219 changed the above if-statement to check for n < 0,
> but that doesn't seem to have been quite correct.  The version in
> unstable has these patches to handle n == 0 properly:
>     If-the-notification-message-length-is-0-ignore-the-messag.patch
>     pid1-process-zero-length-notification-messages-again.patch

Unless I am mistaken, I believe the comment in this code means we can't
return any errors ever, even for the case where if n==0, where the
wheezy code returns -EIO. So I moved the comment to try and clarify why
I changed this.

However, maybe the correct response is not to treat n==0 as a special
case and continue with the code as normal? This seems to be what the
above patches do.

>>                          if (n >= 0)
>> -                                return -EIO;
>> +                                return 0;
>>                          if (errno == EAGAIN || errno == EINTR)
>> +                                log_error("Failed to receive notification message: %m");
>>                                  break;
> Missing braces.

Ooops. Probably obvious I have programmed more in Python then C lately
Brian May <bam@debian.org>

Reply to: