Align ppm_cmsg_nxthdr with glibc __cmsg_nxthdr #2765
Description
Describe the bug
One possible bug related to ppm_cmsg_nxthdr implementation was discovered and fixed in #2764 .
ppm_cmsg_nxthdr implementation has been equivalent to the official __cmsg_nxthdr glibc implementation, but now the two diverge.
We can clearly see from glibc source code that a patch, aiming to introduce additional cmsg length checks, has been delivered starting from version 2.37: bminor/glibc@9c443ac
The new checks are not present in the current ppm_cmsg_nxthdr implementation, and it would be better to align it with the official one and avoid potentially bogus drifts.
How to reproduce it
This highlight potential issues, not yet experienced in real deployments.
Expected behaviour
sinsp_parser correctly iterates over control messages, and correctly handles malformed ones.
Screenshots
Environment
- Falco version:
- System info:
- Cloud provider or hardware configuration:
- OS:
- Kernel:
- Installation method:
This highlight potential issues, not yet experienced in real deployments.
Additional context