diff options
Diffstat (limited to '0004-tools-xenstored-Harden-corrupt.patch')
-rw-r--r-- | 0004-tools-xenstored-Harden-corrupt.patch | 44 |
1 files changed, 0 insertions, 44 deletions
diff --git a/0004-tools-xenstored-Harden-corrupt.patch b/0004-tools-xenstored-Harden-corrupt.patch deleted file mode 100644 index c9e6852..0000000 --- a/0004-tools-xenstored-Harden-corrupt.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 7fe638c28fa693d8bb8f9419de1220d4359a1b2d Mon Sep 17 00:00:00 2001 -From: Julien Grall <jgrall@amazon.com> -Date: Tue, 12 Jul 2022 11:23:01 +0200 -Subject: [PATCH 004/126] tools/xenstored: Harden corrupt() - -At the moment, corrupt() is neither checking for allocation failure -nor freeing the allocated memory. - -Harden the code by printing ENOMEM if the allocation failed and -free 'str' after the last use. - -This is not considered to be a security issue because corrupt() should -only be called when Xenstored thinks the database is corrupted. Note -that the trigger (i.e. a guest reliably provoking the call) would be -a security issue. - -Fixes: 06d17943f0cd ("Added a basic integrity checker, and some basic ability to recover from store") -Signed-off-by: Julien Grall <jgrall@amazon.com> -Reviewed-by: Juergen Gross <jgross@suse.com> -master commit: db3382dd4f468c763512d6bf91c96773395058fb -master date: 2022-06-23 13:44:10 +0100 ---- - tools/xenstore/xenstored_core.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c -index 8033c1e0eb28..9172dd767140 100644 ---- a/tools/xenstore/xenstored_core.c -+++ b/tools/xenstore/xenstored_core.c -@@ -1988,7 +1988,10 @@ void corrupt(struct connection *conn, const char *fmt, ...) - va_end(arglist); - - log("corruption detected by connection %i: err %s: %s", -- conn ? (int)conn->id : -1, strerror(saved_errno), str); -+ conn ? (int)conn->id : -1, strerror(saved_errno), -+ str ?: "ENOMEM"); -+ -+ talloc_free(str); - - check_store(); - } --- -2.37.4 - |