-
Simon McVittie authored
MSG_CTRUNC indicates that we have received fewer fds that we should have done because the buffer was too small, but we were treating it as though it indicated that we received *no* fds. If we received any, we still have to make sure we close them, otherwise they will be leaked. On the system bus, if an attacker can induce us to leak fds in this way, that's a local denial of service via resource exhaustion. Reported-by: Kevin Backhouse, GitHub Security Lab Fixes: #294 Fixes: CVE-2020-12049 Fixes: GHSL-2020-057
872b085f