Re: systemd CVE-2016-7796
Ben Hutchings <ben@decadent.org.uk> writes:
> The upstream patch doesn't change the n == 0 case and I don't think
> this backport should either. The comment belongs at the bottom of this
> block.
>
> Upstream version 219 changed the above if-statement to check for n < 0,
> but that doesn't seem to have been quite correct. The version in
> unstable has these patches to handle n == 0 properly:
>
> If-the-notification-message-length-is-0-ignore-the-messag.patch
> pid1-process-zero-length-notification-messages-again.patch
Unless I am mistaken, I believe the comment in this code means we can't
return any errors ever, even for the case where if n==0, where the
wheezy code returns -EIO. So I moved the comment to try and clarify why
I changed this.
However, maybe the correct response is not to treat n==0 as a special
case and continue with the code as normal? This seems to be what the
above patches do.
>> if (n >= 0)
>> - return -EIO;
>> + return 0;
>>
>> if (errno == EAGAIN || errno == EINTR)
>> + log_error("Failed to receive notification message: %m");
>> break;
>
> Missing braces.
Ooops. Probably obvious I have programmed more in Python then C lately
:-(
--
Brian May <bam@debian.org>
Reply to: