coredump: allow only empty messages after first "sentinel"
authorMichal Sekletar <msekleta@redhat.com>
Wed, 30 Oct 2024 13:55:09 +0000 (14:55 +0100)
committerLuca Boccassi <luca.boccassi@gmail.com>
Wed, 30 Oct 2024 19:45:31 +0000 (19:45 +0000)
src/coredump/coredump.c

index 209d2548c24499891ade1d2abd5fd3321d3e071c..dc725d1b22b64819c56ee79d29593f41ddab77a3 100644 (file)
@@ -1151,8 +1151,14 @@ static int process_socket(int fd) {
                         r = log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Received unexpected file descriptors.");
                         goto finish;
 
-                } else
-                        cmsg_close_all(&mh);
+                }
+                cmsg_close_all(&mh);
+
+                /* Only zero length messages are allowed after the first message that carried a file descriptor. */
+                if (!first) {
+                        r = log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "Received unexpected message with non zero length.");
+                        goto finish;
+                }
 
                 /* Add trailing NUL byte, in case these are strings */
                 ((char*) iovec.iov_base)[n] = 0;
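Review bot: The new `if (!first)` rejection path jumps to `finish` while `iovec.iov_base` still holds this iteration's receive buffer, and nothing in the hunk releases it; the next visible line writes the trailing NUL into that same buffer. Whether `finish` frees it is not visible, because `process_socket` starts and ends outside the hunk. If it does not, add `free(iovec.iov_base);` as the first statement of the block, so that a peer sending payload after the sentinel cannot make the error path leak. A short comment noting who owns the buffer at this point would also help, for example `/* iovec.iov_base is not yet owned by the iovec list here, so release it before bailing out. */`, worded to match whatever the surrounding code actually does.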