2eecc8afd0
The recvmsg system calls for netlink sockets have been particularly prone to picking up unrelated data after a file descriptor race (where the descriptor is closed and reopened concurrently in a multi-threaded process, as the result of a file descriptor management issue elsewhere). This commit adds additional error checking and aborts the process if a datagram of unexpected length (without the netlink header) is received, or an error code which cannot happen due to the way the netlink socket is used. [BZ #12926] Terminate process on invalid netlink response. * sysdeps/unix/sysv/linux/netlinkaccess.h (__netlink_assert_response): Declare. * sysdeps/unix/sysv/linux/netlink_assert_response.c: New file. * sysdeps/unix/sysv/linux/Makefile [$(subdir) == inet] (sysdep_routines): Add netlink_assert_response. * sysdeps/unix/sysv/linux/check_native.c (__check_native): Call __netlink_assert_response. * sysdeps/unix/sysv/linux/check_pf.c (make_request): Likewise. * sysdeps/unix/sysv/linux/ifaddrs.c (__netlink_request): Likewise. * sysdeps/unix/sysv/linux/Versions (GLIBC_PRIVATE): Add __netlink_assert_response.
176 lines
3.1 KiB
Plaintext
176 lines
3.1 KiB
Plaintext
libc {
|
|
# The comment lines with "#errlist-compat" are magic; see errlist-compat.awk.
|
|
# When you get an error from errlist-compat.awk, you need to add a new
|
|
# version here. Don't do this blindly, since this means changing the ABI
|
|
# for all GNU/Linux configurations.
|
|
|
|
GLIBC_2.0 {
|
|
# functions used in inline functions or macros
|
|
__cmsg_nxthdr;
|
|
|
|
# functions used in other libraries
|
|
__clone;
|
|
|
|
# helper functions
|
|
__errno_location;
|
|
|
|
# b*
|
|
bdflush;
|
|
|
|
# c*
|
|
clone; create_module;
|
|
|
|
# d*
|
|
delete_module;
|
|
|
|
# g*
|
|
get_kernel_syms; getresgid; getresuid;
|
|
|
|
# i*
|
|
init_module;
|
|
|
|
# k*
|
|
klogctl;
|
|
|
|
# l*
|
|
llseek;
|
|
|
|
# m*
|
|
mremap;
|
|
|
|
# n*
|
|
nfsservctl;
|
|
|
|
# p*
|
|
personality; prctl;
|
|
|
|
# q*
|
|
query_module; quotactl;
|
|
|
|
# s*
|
|
setfsgid; setfsuid;
|
|
|
|
# s*
|
|
setresgid; setresuid; swapoff; swapon; sysctl; sysinfo;
|
|
|
|
# u*
|
|
umount; uselib;
|
|
|
|
#errlist-compat 123
|
|
_sys_errlist; sys_errlist; _sys_nerr; sys_nerr;
|
|
}
|
|
GLIBC_2.1 {
|
|
# functions used in inline functions or macros
|
|
__libc_sa_len;
|
|
|
|
# Since we have new signals this structure changed.
|
|
_sys_siglist; sys_siglist; sys_sigabbrev;
|
|
|
|
# New errlist.
|
|
_sys_errlist; sys_errlist; _sys_nerr; sys_nerr;
|
|
|
|
# chown interface change.
|
|
chown;
|
|
|
|
# Change in pthread_attr_t.
|
|
pthread_attr_init;
|
|
|
|
# c*
|
|
capget; capset;
|
|
|
|
# n*
|
|
ntp_adjtime; ntp_gettime;
|
|
|
|
# u*
|
|
umount2;
|
|
|
|
#errlist-compat 125
|
|
_sys_errlist; sys_errlist; _sys_nerr; sys_nerr;
|
|
}
|
|
GLIBC_2.2 {
|
|
# needed in other libraries.
|
|
__endmntent; __getmntent_r; __setmntent; __statfs; __sysctl;
|
|
|
|
# ipc ctl interface change.
|
|
semctl; shmctl; msgctl;
|
|
}
|
|
GLIBC_2.2.1 {
|
|
# p*
|
|
pivot_root;
|
|
}
|
|
GLIBC_2.3 {
|
|
# r*
|
|
readahead;
|
|
|
|
#errlist-compat 126
|
|
_sys_errlist; sys_errlist; _sys_nerr; sys_nerr;
|
|
}
|
|
GLIBC_2.3.2 {
|
|
# New kernel interfaces.
|
|
epoll_create; epoll_ctl; epoll_wait;
|
|
}
|
|
GLIBC_2.3.3 {
|
|
gnu_dev_major; gnu_dev_minor; gnu_dev_makedev;
|
|
}
|
|
GLIBC_2.3.4 {
|
|
sched_getaffinity; sched_setaffinity;
|
|
}
|
|
GLIBC_2.4 {
|
|
inotify_init; inotify_add_watch; inotify_rm_watch;
|
|
|
|
unshare;
|
|
|
|
#errlist-compat 132
|
|
_sys_errlist; sys_errlist; _sys_nerr; sys_nerr;
|
|
}
|
|
GLIBC_2.5 {
|
|
splice; tee; vmsplice;
|
|
}
|
|
GLIBC_2.6 {
|
|
epoll_pwait; sync_file_range; sched_getcpu;
|
|
}
|
|
GLIBC_2.7 {
|
|
eventfd; eventfd_read; eventfd_write; signalfd;
|
|
}
|
|
GLIBC_2.8 {
|
|
timerfd_create; timerfd_settime; timerfd_gettime;
|
|
}
|
|
GLIBC_2.9 {
|
|
epoll_create1; inotify_init1;
|
|
}
|
|
GLIBC_2.10 {
|
|
fallocate;
|
|
}
|
|
GLIBC_2.12 {
|
|
#errlist-compat 135
|
|
_sys_errlist; sys_errlist; _sys_nerr; sys_nerr;
|
|
|
|
ntp_gettimex;
|
|
|
|
recvmmsg;
|
|
}
|
|
GLIBC_2.13 {
|
|
prlimit; prlimit64;
|
|
|
|
fanotify_init; fanotify_mark;
|
|
}
|
|
GLIBC_2.14 {
|
|
clock_adjtime;
|
|
|
|
name_to_handle_at; open_by_handle_at;
|
|
|
|
setns;
|
|
|
|
sendmmsg;
|
|
}
|
|
GLIBC_2.15 {
|
|
process_vm_readv; process_vm_writev;
|
|
}
|
|
GLIBC_PRIVATE {
|
|
# functions used in other libraries
|
|
__syscall_rt_sigqueueinfo;
|
|
# functions used by nscd
|
|
__netlink_assert_response;
|
|
}
|
|
}
|