packages/systemd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
systemd/backport-core-fix-SIGABRT-on-empty-exec-command-argv.patch
h30032433 f1ff776ce0 sync patches from systemd community
2023-12-18 15:30:01 +08:00

64 lines
2.7 KiB
Diff
Raw Blame History

From b050bba79ba0e6150c46d5644037f4d32efca0b4 Mon Sep 17 00:00:00 2001
From: Henri Chain <henri.chain@enioka.com>
Date: Tue, 5 Oct 2021 13:10:31 +0200
Subject: [PATCH] core: fix SIGABRT on empty exec command argv
This verifies that the argv part of any exec_command parameters that
are sent through dbus is not empty at deserialization time.
There is an additional check in service.c service_verify() that again
checks if all exec_commands are correctly populated, after the service
has been loaded, whether through dbus or otherwise.
Fixes #20933.
(cherry picked from commit 29500cf8c47e6eb0518d171d62aa8213020c9152)
(cherry picked from commit 7a58bf7aac8b2c812ee0531b0cc426e0067edd35)
Conflict:testsuite-23.sh is not exist, so unsynchronized modifications in testsuite-23.sh
Reference:https://github.com/systemd/systemd-stable/commit/b050bba79ba0e6150c46d5644037f4d32efca0b4
---
src/core/dbus-execute.c | 4 ++++
src/core/service.c | 10 ++++++++++
2 files changed, 14 insertions(+)
diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
index f2e40a3..7315a3f 100644
--- a/src/core/dbus-execute.c
+++ b/src/core/dbus-execute.c
@@ -1039,6 +1039,10 @@ int bus_set_transient_exec_command(
if (r < 0)
return r;
+ if (strv_isempty(argv))
+ return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
+ "\"%s\" argv cannot be empty", name);
+
r = is_ex_prop ? sd_bus_message_read_strv(message, &ex_opts) : sd_bus_message_read(message, "b", &b);
if (r < 0)
return r;
diff --git a/src/core/service.c b/src/core/service.c
index 95a3ded..3cb0c07 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -553,6 +553,16 @@ static int service_verify(Service *s) {
if (UNIT(s)->load_state != UNIT_LOADED)
return 0;
+ for (ServiceExecCommand c = 0; c < _SERVICE_EXEC_COMMAND_MAX; c++) {
+ ExecCommand *command;
+
+ LIST_FOREACH(command, command, s->exec_command[c])
+ if (strv_isempty(command->argv))
+ return log_unit_error_errno(UNIT(s), SYNTHETIC_ERRNO(ENOEXEC),
+ "Service has an empty argv in %s=. Refusing.",
+ service_exec_command_to_string(c));
+ }
+
if (!s->exec_command[SERVICE_EXEC_START] && !s->exec_command[SERVICE_EXEC_STOP]
&& UNIT(s)->success_action == EMERGENCY_ACTION_NONE) {
/* FailureAction= only makes sense if one of the start or stop commands is specified.
--
2.27.0
Reference in New Issue View Git Blame Copy Permalink