From eb687602853b4ae656e9236ee4222609f3a6887d Mon Sep 17 00:00:00 2001
From: Li Qiang <liqiang6-s@360.cn>
Date: Mon, 17 Oct 2016 14:13:58 +0200
Subject: [PATCH] 9pfs: fix information leak in xattr read
9pfs uses g_malloc() to allocate the xattr memory space, if the guest
reads this memory before writing to it, this will leak host heap memory
to the guest. This patch avoids this.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
Reviewed-by: Greg Kurz <groug@kaod.org>
Signed-off-by: Greg Kurz <groug@kaod.org>
---
 hw/9pfs/9p.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/hw/9pfs/virtio-9p.c b/hw/9pfs/virtio-9p.c
6e0c7aa
index 26aa7d5..bf23b01 100644
6e0c7aa
--- a/hw/9pfs/virtio-9p.c
6e0c7aa
+++ b/hw/9pfs/virtio-9p.c
6e0c7aa
@@ -3282,7 +3282,7 @@ static void coroutine_fn v9fs_xattrcreate(void *opaque)
6e0c7aa
     xattr_fidp->fs.xattr.flags = flags;
6e0c7aa
     v9fs_string_init(&xattr_fidp->fs.xattr.name);
6e0c7aa
     v9fs_string_copy(&xattr_fidp->fs.xattr.name, &name);
6e0c7aa
-    xattr_fidp->fs.xattr.value = g_malloc(size);
6e0c7aa
+    xattr_fidp->fs.xattr.value = g_malloc0(size);
6e0c7aa
     err = offset;
6e0c7aa
     put_fid(pdu, file_fidp);
6e0c7aa
 out_nofid:
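Review bot: The `g_malloc0(size)` call still allocates whatever `size` holds, and no upper bound on it is visible in this hunk. `size` appears to come from the guest's request (the unmarshalling is outside the hunk, so this is an inference). Since `g_malloc0()` aborts the process when the allocation fails, an oversized value would terminate QEMU rather than return an error to the guest. Consider a bound check before the allocation, such as `if (size > XATTR_SIZE_MAX) { err = -E2BIG; ... }`, with the exit path chosen to match the cleanup labels; `v9fs_xattrcreate` starts and ends outside this hunk. A short comment on the allocation would keep the zeroing from being reverted later as an optimisation: `/* zero-filled: the guest may read this buffer before writing it */`.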
-- 
1.7.0.4