teknoraver / rpms / systemd

Forked from rpms/systemd 4 months ago
Clone

Blame SOURCES/0359-core-fix-rlimit-parsing.patch

803fb7
From b53ec8d7dca8eba189c45ae29e4d5ff03e5e5556 Mon Sep 17 00:00:00 2001
803fb7
From: Evgeny Vereshchagin <evvers@ya.ru>
803fb7
Date: Fri, 27 Nov 2015 08:54:42 +0000
803fb7
Subject: [PATCH] core: fix rlimit parsing
803fb7
803fb7
* refuse limits if soft > hard
803fb7
* print an actual value instead of (null)
803fb7
803fb7
see https://github.com/systemd/systemd/pull/1994#issuecomment-159999123
803fb7
803fb7
Cherry-picked from: 0316f2aeebde7569d24a93ab788ac4bc1657b11b
803fb7
Related: #1351415
803fb7
---
803fb7
 src/core/load-fragment.c  |  5 ++++-
803fb7
 src/test/test-unit-file.c | 21 +++++++++++++++++++++
803fb7
 2 files changed, 25 insertions(+), 1 deletion(-)
803fb7
803fb7
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
803fb7
index d307f1c74..2f6209e05 100644
803fb7
--- a/src/core/load-fragment.c
803fb7
+++ b/src/core/load-fragment.c
803fb7
@@ -1160,6 +1160,7 @@ static int parse_rlimit_range(
803fb7
                 struct rlimit **rl,
803fb7
                 int (*rlim_parser)(const char *, rlim_t *)) {
803fb7
 
803fb7
+        const char *whole_value = value;
803fb7
         rlim_t soft, hard;
803fb7
         _cleanup_free_ char *sword = NULL, *hword = NULL;
803fb7
         int nwords, r;
803fb7
@@ -1175,9 +1176,11 @@ static int parse_rlimit_range(
803fb7
         if (r == 0 && nwords == 2)
803fb7
                 r = rlim_parser(hword, &hard);
803fb7
         if (r < 0) {
803fb7
-                log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse resource value, ignoring: %s", value);
803fb7
+                log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse resource value, ignoring: %s", whole_value);
803fb7
                 return 0;
803fb7
         }
803fb7
+        if (nwords == 2 && soft > hard)
803fb7
+                return log_syntax(unit, LOG_WARNING, filename, line, 0, "Invalid resource value ("RLIM_FMT" > "RLIM_FMT"), ignoring: %s", soft, hard, whole_value);
803fb7
 
803fb7
         if (!*rl) {
803fb7
                 *rl = new(struct rlimit, 1);
803fb7
diff --git a/src/test/test-unit-file.c b/src/test/test-unit-file.c
803fb7
index 931dfeda8..8acf071ff 100644
803fb7
--- a/src/test/test-unit-file.c
803fb7
+++ b/src/test/test-unit-file.c
803fb7
@@ -570,6 +570,27 @@ static void test_config_parse_rlimit(void) {
803fb7
         assert_se(rl[RLIMIT_NOFILE]->rlim_cur == RLIM_INFINITY);
803fb7
         assert_se(rl[RLIMIT_NOFILE]->rlim_cur == rl[RLIMIT_NOFILE]->rlim_max);
803fb7
 
803fb7
+        assert_se(config_parse_limit(NULL, "fake", 1, "section", 1, "LimitNOFILE", RLIMIT_NOFILE, "10:20:30", rl, NULL) >= 0);
803fb7
+        assert_se(rl[RLIMIT_NOFILE]);
803fb7
+        assert_se(rl[RLIMIT_NOFILE]->rlim_cur == 10);
803fb7
+        assert_se(rl[RLIMIT_NOFILE]->rlim_max == 20);
803fb7
+
803fb7
+        /* Invalid values don't change rl */
803fb7
+        assert_se(config_parse_limit(NULL, "fake", 1, "section", 1, "LimitNOFILE", RLIMIT_NOFILE, "wat:wat", rl, NULL) >= 0);
803fb7
+        assert_se(rl[RLIMIT_NOFILE]);
803fb7
+        assert_se(rl[RLIMIT_NOFILE]->rlim_cur == 10);
803fb7
+        assert_se(rl[RLIMIT_NOFILE]->rlim_max == 20);
803fb7
+
803fb7
+        assert_se(config_parse_limit(NULL, "fake", 1, "section", 1, "LimitNOFILE", RLIMIT_NOFILE, "66:wat", rl, NULL) >= 0);
803fb7
+        assert_se(rl[RLIMIT_NOFILE]);
803fb7
+        assert_se(rl[RLIMIT_NOFILE]->rlim_cur == 10);
803fb7
+        assert_se(rl[RLIMIT_NOFILE]->rlim_max == 20);
803fb7
+
803fb7
+        assert_se(config_parse_limit(NULL, "fake", 1, "section", 1, "LimitNOFILE", RLIMIT_NOFILE, "200:100", rl, NULL) >= 0);
803fb7
+        assert_se(rl[RLIMIT_NOFILE]);
803fb7
+        assert_se(rl[RLIMIT_NOFILE]->rlim_cur == 10);
803fb7
+        assert_se(rl[RLIMIT_NOFILE]->rlim_max == 20);
803fb7
+
803fb7
         free(rl[RLIMIT_NOFILE]);
803fb7
         assert_se(config_parse_sec_limit(NULL, "fake", 1, "section", 1, "LimitCPU", RLIMIT_CPU, "56", rl, NULL) >= 0);
803fb7
         assert_se(rl[RLIMIT_CPU]);