systemd: Fix uninitialised memory issue in veth setup

This caused containers to randomly fail, in particular if the machine name was 8 characters.
2024-12-27 05:43:50 +03:00 · 2014-08-15 04:07:45 +02:00 · 2014-08-15 04:07:45 +02:00 · 97d6afafaa
commit 97d6afafaa
parent a323d146b7
1 changed files with 117 additions and 0 deletions
--- a/pkgs/os-specific/linux/systemd/fixes.patch
+++ b/pkgs/os-specific/linux/systemd/fixes.patch
@ -1074,6 +1074,123 @@ index b087a8b..967ab67 100644
 
         test_catalog_file_lang();
 
+diff --git a/src/libsystemd/sd-rtnl/rtnl-message.c b/src/libsystemd/sd-rtnl/rtnl-message.c
+index 84a8ffa..e79b318 100644
+--- a/src/libsystemd/sd-rtnl/rtnl-message.c
+++ b/src/libsystemd/sd-rtnl/rtnl-message.c
+@@ -335,24 +335,28 @@ int sd_rtnl_message_link_get_flags(sd_rtnl_message *m, unsigned *flags) {
+ /* If successful the updated message will be correctly aligned, if
+    unsuccessful the old message is untouched. */
+ static int add_rtattr(sd_rtnl_message *m, unsigned short type, const void *data, size_t data_length) {
+-        uint32_t rta_length, message_length;
+        uint32_t rta_length;
+        size_t message_length, padding_length;
+         struct nlmsghdr *new_hdr;
+         struct rtattr *rta;
+         char *padding;
+         unsigned i;
+        int offset;
+ 
+         assert(m);
+         assert(m->hdr);
+         assert(!m->sealed);
+         assert(NLMSG_ALIGN(m->hdr->nlmsg_len) == m->hdr->nlmsg_len);
+-        assert(!data || data_length > 0);
+-        assert(data || m->n_containers < RTNL_CONTAINER_DEPTH);
+        assert(!data || data_length);
+
+        /* get offset of the new attribute */
+        offset = m->hdr->nlmsg_len;
+ 
+         /* get the size of the new rta attribute (with padding at the end) */
+         rta_length = RTA_LENGTH(data_length);
+ 
+         /* get the new message size (with padding at the end) */
+-        message_length = m->hdr->nlmsg_len + RTA_ALIGN(rta_length);
+        message_length = offset + RTA_ALIGN(rta_length);
+ 
+         /* realloc to fit the new attribute */
+         new_hdr = realloc(m->hdr, message_length);
+@@ -361,32 +365,35 @@ static int add_rtattr(sd_rtnl_message *m, unsigned short type, const void *data,
+         m->hdr = new_hdr;
+ 
+         /* get pointer to the attribute we are about to add */
+-        rta = (struct rtattr *) ((uint8_t *) m->hdr + m->hdr->nlmsg_len);
+        rta = (struct rtattr *) ((uint8_t *) m->hdr + offset);
+ 
+         /* if we are inside containers, extend them */
+         for (i = 0; i < m->n_containers; i++)
+-                GET_CONTAINER(m, i)->rta_len += message_length - m->hdr->nlmsg_len;
+                GET_CONTAINER(m, i)->rta_len += message_length - offset;
+ 
+         /* fill in the attribute */
+         rta->rta_type = type;
+         rta->rta_len = rta_length;
+-        if (!data) {
+-                /* this is the start of a new container */
+-                m->container_offsets[m->n_containers ++] = m->hdr->nlmsg_len;
+-        } else {
+        if (data)
+                 /* we don't deal with the case where the user lies about the type
+                  * and gives us too little data (so don't do that)
+-                */
+                 */
+                 padding = mempcpy(RTA_DATA(rta), data, data_length);
+-                /* make sure also the padding at the end of the message is initialized */
+-                memzero(padding,
+-                        (uint8_t *) m->hdr + message_length - (uint8_t *) padding);
+        else {
+                /* if no data was passed, make sure we still initialize the padding
+                   note that we can have data_length > 0 (used by some containers) */
+                padding = RTA_DATA(rta);
+                data_length = 0;
+         }
+ 
+        /* make sure also the padding at the end of the message is initialized */
+        padding_length = (uint8_t*)m->hdr + message_length - (uint8_t*)padding;
+        memzero(padding, padding_length);
+
+         /* update message size */
+         m->hdr->nlmsg_len = message_length;
+ 
+-        return 0;
+        return offset;
+ }
+ 
+ int sd_rtnl_message_append_string(sd_rtnl_message *m, unsigned short type, const char *data) {
+@@ -761,22 +768,29 @@ int sd_rtnl_message_open_container(sd_rtnl_message *m, unsigned short type) {
+ 
+         assert_return(m, -EINVAL);
+         assert_return(!m->sealed, -EPERM);
+        assert_return(m->n_containers < RTNL_CONTAINER_DEPTH, -ERANGE);
+ 
+         sd_rtnl_message_get_type(m, &rtm_type);
+ 
+        int r = -ENOTSUP;
+
+         if (rtnl_message_type_is_link(rtm_type)) {
+ 
+                 if ((type == IFLA_LINKINFO && m->n_containers == 0) ||
+                     (type == IFLA_INFO_DATA && m->n_containers == 1 &&
+                      GET_CONTAINER(m, 0)->rta_type == IFLA_LINKINFO))
+-                        return add_rtattr(m, type, NULL, 0);
+                        r = add_rtattr(m, type, NULL, 0);
+                 else if (type == VETH_INFO_PEER && m->n_containers == 2 &&
+                          GET_CONTAINER(m, 1)->rta_type == IFLA_INFO_DATA &&
+                          GET_CONTAINER(m, 0)->rta_type == IFLA_LINKINFO)
+-                        return add_rtattr(m, type, NULL, sizeof(struct ifinfomsg));
+                        r=  add_rtattr(m, type, NULL, sizeof(struct ifinfomsg));
+         }
+ 
+-        return -ENOTSUP;
+        if (r < 0) return r;
+
+        m->container_offsets[m->n_containers ++] = r;
+
+        return 0;
+ }
+ 
+ int sd_rtnl_message_close_container(sd_rtnl_message *m) {
 diff --git a/src/libudev/libudev-monitor.c b/src/libudev/libudev-monitor.c
 index ba1b04d..85b1e40 100644
 --- a/src/libudev/libudev-monitor.c