tech-kern archive


Re: Kernel or userland bug: file descriptor passing in Postfix



On Wed, Jul 01, 2009 at 01:02:59PM +0100, Matthias Scheler wrote:
> On Fri, Mar 13, 2009 at 03:01:11PM -0400, Taylor R Campbell wrote:
> > The fix committed in revision 1.2 of unix_recv_fd.c is correct.
> > Formerly, Postfix would allocate a buffer of sufficient size and then
> > report a potentially smaller size, computed by CMSG_LEN rather than
> > CMSG_SPACE, to the kernel, which is not only wrong but doesn't make
> > much sense either -- why allocate a buffer of CMSG_SPACE bytes and say
> > there are only CMSG_LEN bytes available?  Please do submit the patch
> > upstream.
> 
> I did that a while ago.
> 
> But as the patch apparently breaks other platforms (e.g. HP/UX)
> upstream didn't accept it. I suggest to use "#ifdef __NetBSD__"
> which was refused as well because upstream considers that bad practice,
> at least without version number checks.

You should probably point out that this API originates in BSD, is
defined by the BSD manuals and the Programmer's Supplementary Documentation,
and that code written to the actual documented API continues to work on
NetBSD.  HP/UX is just broken, and probably has a buffer overrun in this
area, too.

-- 
Thor Lancelot Simon                                        
tls%rek.tjls.com@localhost
    "Even experienced UNIX users occasionally enter rm *.* at the UNIX
     prompt only to realize too late that they have removed the wrong
     segment of the directory structure." - Microsoft WSS whitepaper

