[systemd-devel] Suspicious assertions in resolved

Topi Miettinen toiwoton at gmail.com
Sun Jan 18 11:12:19 PST 2015


Hello,

I think resolved_manager.c function manager_recv() has an assertion that
could be triggerable by the server sending an oversized packet:

        assert(!(mh.msg_flags & MSG_TRUNC));

The other assertions look suspicious too but I don't know if they can
really be triggered by the other side.

I'd propose something like this:

diff --git a/src/resolve/resolved-manager.c b/src/resolve/resolved-manager.c
index 0594479..b1defa3 100644
--- a/src/resolve/resolved-manager.c
+++ b/src/resolve/resolved-manager.c
@@ -894,7 +894,8 @@ int manager_recv(Manager *m, int fd, DnsProtocol
protocol, DnsPacket **ret) {
                 return -EIO;

         assert(!(mh.msg_flags & MSG_CTRUNC));
-        assert(!(mh.msg_flags & MSG_TRUNC));
+        if (mh.msg_flags & MSG_TRUNC)
+                return -EIO;

         p->size = (size_t) l;
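Review bot: The unchanged context line assert(!(mh.msg_flags & MSG_CTRUNC)); directly above the new check still aborts the daemon if that flag is ever set, and it reads the same msg_flags value filled in while receiving the packet. If the control buffer is sized so that MSG_CTRUNC can never occur, a short comment saying so would justify keeping the assert; otherwise it should get the same treatment as MSG_TRUNC and return an error. The new branch also returns the same -EIO as the error path just above it, so a caller cannot distinguish an oversized packet from that earlier failure; a debug log line before the return would make dropped packets diagnosable.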


-Topi
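An added example, not part of the original post and not systemd's code: a minimal C receiver that reports MSG_TRUNC as an error return instead of asserting on it, as the patch above proposes. The names recv_datagram and demo are hypothetical, and the oversized datagram is constructed locally over an AF_UNIX socketpair so the block runs offline.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/uio.h>
#include <unistd.h>

/* Hypothetical helper, not systemd's manager_recv(): read one datagram.
 * Returns payload length, or a negative errno; never aborts on peer input. */
static ssize_t recv_datagram(int fd, void *buf, size_t cap) {
        struct iovec iov = { .iov_base = buf, .iov_len = cap };
        struct msghdr mh = { .msg_iov = &iov, .msg_iovlen = 1 };
        ssize_t l;

        do
                l = recvmsg(fd, &mh, 0);
        while (l < 0 && errno == EINTR);
        if (l < 0)
                return -errno;
        /* The sender chooses the datagram size, so truncation is bad input
         * to reject (the datagram is already consumed), not an invariant. */
        if (mh.msg_flags & MSG_TRUNC)
                return -EIO;
        return l;
}

/* Constructed input: send len bytes over a local socketpair, receive into
 * a cap-byte buffer, and report what recv_datagram() returned. */
static ssize_t demo(size_t len, size_t cap) {
        char out[1024], in[1024];
        int sv[2];
        ssize_t r;

        if (len > sizeof(out) || cap > sizeof(in))
                return -EINVAL;
        if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) < 0)
                return -errno;
        memset(out, 'A', len);
        r = send(sv[0], out, len, 0) < 0 ? -errno : recv_datagram(sv[1], in, cap);
        close(sv[0]);
        close(sv[1]);
        return r;
}

int main(void) {
        printf("fits: %zd, oversized: %zd\n", demo(100, 512), demo(600, 512));
        return 0;
}
```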

