The recvmsg system calls for netlink sockets have been particularly
prone to picking up unrelated data after a file descriptor race
(where the descriptor is closed and reopened concurrently in a
multi-threaded process, as the result of a file descriptor
management issue elsewhere). This commit adds additional error
checking and aborts the process if a datagram of unexpected length
(without the netlink header) is received, or an error code which
cannot happen due to the way the netlink socket is used.
[BZ #12926]
Terminate process on invalid netlink response.
* sysdeps/unix/sysv/linux/netlinkaccess.h
(__netlink_assert_response): Declare.
* sysdeps/unix/sysv/linux/netlink_assert_response.c: New file.
* sysdeps/unix/sysv/linux/Makefile [$(subdir) == inet]
(sysdep_routines): Add netlink_assert_response.
* sysdeps/unix/sysv/linux/check_native.c (__check_native): Call
__netlink_assert_response.
* sysdeps/unix/sysv/linux/check_pf.c (make_request): Likewise.
* sysdeps/unix/sysv/linux/ifaddrs.c (__netlink_request): Likewise.
* sysdeps/unix/sysv/linux/Versions (GLIBC_PRIVATE): Add
__netlink_assert_response.
(struct in6addrinfo): Add index element.
Declare __check_native.
* inet/Makefile (aux): Add check_native.
* sysdeps/unix/sysv/linux/check_native.c: New file.
* sysdeps/unix/sysv/linux/check_pf.c: No need to recognize
IFA_F_TEMPORARY. Pass back ifa_index.
* sysdeps/posix/getaddrinfo.c: Remove netlink compatibility code.
(rfc3484_sort): Add new parameter. Implement rule 7 correctly:
call __check_native if necessary.
(getaddrinfo): Fill in index field. Use qsort_r instead of qsort
to sort addresses. Pass information about the results.
* posix/tst-rfc3484.c: Adjust for addition of index field and change
of rfc3484_sort interface.
* posix/tst-rfc3484-2.c: Likewise.
