proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-10 02:47:36 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

seccomp: recvmsg with MSG_TRUNC

Browse Source 
We only read the message without the cookie. For now assert
that the sender also didn't try to send more by letting
`recvmsg()` return the original size of the packet if it was
longer.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
This commit is contained in:
Wolfgang Bumiller 2019-07-08 18:00:20 +02:00
parent 214008eeb2
commit 87e547d9c7
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/lxc/seccomp.c
View File

@ -1466,7 +1466,8 @@ retry:
goto out; goto out;
} }
bytes = lxc_recvmsg_nointr_iov(listener_proxy_fd, iov,iov_len, 0); bytes = lxc_recvmsg_nointr_iov(listener_proxy_fd, iov,iov_len,
MSG_TRUNC);
if (bytes != (ssize_t)msg_base_size) { if (bytes != (ssize_t)msg_base_size) {
SYSERROR("Failed to receive message from seccomp proxy"); SYSERROR("Failed to receive message from seccomp proxy");
seccomp_notify_default_answer(fd, req, resp, hdlr); seccomp_notify_default_answer(fd, req, resp, hdlr);