From e27e4a8442db4b5c006eeb72e07970053d671f68 Mon Sep 17 00:00:00 2001 From: deepin-ci-robot Date: Tue, 16 Jun 2026 11:22:03 +0000 Subject: [PATCH] fix(socket-util): remove unnecessary variable and ensure NUL termination in getpeersec() socket-util: remove unnecessary variable (fccad706) socket-util: make sure SO_PEERSEC returned string is always NUL terminated (989740eb) Changes: - Add debian/patches/fix-socket-util-remove-variable-ensure-nul-termination.patch - Modify debian/patches/series - Modify debian/changelog Upstream: https://github.com/systemd/systemd/pull/30563 Generated-By: glm-5-turbo Co-Authored-By: deepin-ci-robot --- debian/changelog | 6 ++ ...move-variable-ensure-nul-termination.patch | 63 +++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 70 insertions(+) create mode 100644 debian/patches/fix-socket-util-remove-variable-ensure-nul-termination.patch diff --git a/debian/changelog b/debian/changelog index 569979b..7a896d5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +systemd (255.2-4deepin37) unstable; urgency=medium + + * Fix socket-util: remove unnecessary variable and ensure NUL termination in getpeersec() + + -- deepin-ci-robot Tue, 16 Jun 2026 11:21:40 +0800 + systemd (255.2-4deepin36) unstable; urgency=medium * fix wrong error variable in log_error_errno() diff --git a/debian/patches/fix-socket-util-remove-variable-ensure-nul-termination.patch b/debian/patches/fix-socket-util-remove-variable-ensure-nul-termination.patch new file mode 100644 index 0000000..adf89c3 --- /dev/null +++ b/debian/patches/fix-socket-util-remove-variable-ensure-nul-termination.patch @@ -0,0 +1,63 @@ +From 6280da47462ffef6f9a58c98049b70cd7201fb8b Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Fri, 22 Dec 2023 02:30:46 +0900 +Subject: [PATCH] Merge pull request #30563 from poettering/socket-tweaks + +two minor tweak to socket-util.c + +From fccad7060267176fdb49263672b03fd214c0b628 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Thu, 23 Nov 2023 17:58:15 +0100 +Subject: [PATCH] socket-util: remove unnecessary variable + + +diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c +index 47d83f3710..4f28d16b5e 100644 +--- a/src/basic/socket-util.c ++++ b/src/basic/socket-util.c +@@ -872,13 +872,11 @@ bool address_label_valid(const char *p) { + int getpeercred(int fd, struct ucred *ucred) { + socklen_t n = sizeof(struct ucred); + struct ucred u; +- int r; + + assert(fd >= 0); + assert(ucred); + +- r = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &u, &n); +- if (r < 0) ++ if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &u, &n) < 0) + return -errno; + + if (n != sizeof(struct ucred)) + +From 989740ebc4c9642494f9d196dc113744ddcabb0f Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Thu, 23 Nov 2023 18:05:04 +0100 +Subject: [PATCH] socket-util: make sure SO_PEERSEC returned string is always + NUL terminated + +it's not entirely clear to me if the manual NUL termination is +necessary, but let's better be safe than sorry, since this is apparently +up to the LSMs, and I am not sure we can trust them all. + +A lot of other code (such as dbus-broker) patches in the NUL byte, hence +let's be rather safe-then-sorry, it's trivial after all. + +diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c +index beb64d8e6c..47d83f3710 100644 +--- a/src/basic/socket-util.c ++++ b/src/basic/socket-util.c +@@ -907,8 +907,10 @@ int getpeersec(int fd, char **ret) { + if (!s) + return -ENOMEM; + +- if (getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n) >= 0) ++ if (getsockopt(fd, SOL_SOCKET, SO_PEERSEC, s, &n) >= 0) { ++ s[n] = 0; + break; ++ } + + if (errno != ERANGE) + return -errno; + diff --git a/debian/patches/series b/debian/patches/series index f669e80..7b56caf 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -47,3 +47,4 @@ fix-byte-order-conversion.patch update-po-file-about-bo-and-ug.patch fix-double-free.patch fix-wrong-err-log.patch +fix-socket-util-remove-variable-ensure-nul-termination.patch