1 files changed, 40 insertions, 0 deletions

diff --git a/sys-apps/systemd/files/systemd-254-varlink-allocate-heap.patch b/sys-apps/systemd/files/systemd-254-varlink-allocate-heap.patch
new file mode 100644
index 000000000000..85f306a175f3
--- /dev/null
+++ b/sys-apps/systemd/files/systemd-254-varlink-allocate-heap.patch
@@ -0,0 +1,40 @@
+https://bugs.gentoo.org/911583
+https://github.com/systemd/systemd/issues/28635
+https://github.com/systemd/systemd/commit/b456f2266afd839f8817235475e57c38e9d76dc9
+
+From b456f2266afd839f8817235475e57c38e9d76dc9 Mon Sep 17 00:00:00 2001
+From: Frantisek Sumsal <frantisek@sumsal.cz>
+Date: Wed, 2 Aug 2023 14:55:50 +0200
+Subject: [PATCH] varlink: allocate the buffer for varlink FDs on the heap
+
+Since it's ~16K, which might cause issues in environments with limited
+stack space.
+
+Resolves: #28635
+--- a/src/shared/varlink.c
++++ b/src/shared/varlink.c
+@@ -633,7 +633,7 @@ static int varlink_write(Varlink *v) {
+ #define VARLINK_FDS_MAX (16U*1024U)
+ 
+ static int varlink_read(Varlink *v) {
+-        CMSG_BUFFER_TYPE(CMSG_SPACE(sizeof(int) * VARLINK_FDS_MAX)) control;
++        _cleanup_free_ struct cmsghdr *cmsg_fds = NULL;
+         struct iovec iov;
+         struct msghdr mh;
+         size_t rs;
+@@ -690,9 +690,13 @@ static int varlink_read(Varlink *v) {
+                 mh = (struct msghdr) {
+                         .msg_iov = &iov,
+                         .msg_iovlen = 1,
+-                        .msg_control = &control,
+-                        .msg_controllen = sizeof(control),
+                 };
++
++                mh.msg_controllen = CMSG_SPACE(sizeof(int) * VARLINK_FDS_MAX);
++                mh.msg_control = cmsg_fds = malloc(mh.msg_controllen);
++                if (!cmsg_fds)
++                        return -ENOMEM;
++
+                 n = recvmsg_safe(v->fd, &mh, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
+         } else {
+                 bool prefer_read = v->prefer_read_write;