Socket activation logic lacks error checking

Open jsonn opened this issue 3 years ago • 0 comments

In https://github.com/coreos/go-systemd/blob/f5f8d59a116b1ca501dd87cdb28f6ce89ccf58dc/activation/files_unix.go#L66 the return value of os.NewFile should be checked before files is changed. It can fail if the environment variables don't match the file descriptor table, e.g. LISTEN_FDS is much larger than the number of open files. The current logic would force consumers of the interface to check for this condition or run into mysterious panics in a completely unrelated code. If os.NewFile fails, just returning nil might be reasonable, even if it means close-on-exec is set on some file descriptors.

Aug 08 '22 20:08 jsonn