Re: [PATCH] tools: hv: Fix how ifcfg-* file is created

2013-02-24 Thread Tomas Hozza
- Original Message - > On Sun, Jan 13, Tomas Hozza wrote: > > > -# IPADDR=ipaddr1 > > -# IPADDR_1=ipaddr2 > > -# IPADDR_x=ipaddry (where y = x + 1) > > +# IPADDR0=ipaddr1 > > +# IPADDR1=ipaddr2 > > +# IPADDRx=ipaddry (where y = x + 1) >

[PATCH] tools: hv: Use CLOEXEC when opening kvp_pool files

2013-01-18 Thread Tomas Hozza
Use CLOEXEC flag when opening kvp_pool_x files to prevent file descriptor leakage. Not using it was causing a problem when SELinux was enabled. Signed-off-by: Tomas Hozza --- tools/hv/hv_kvp_daemon.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tools/hv

[PATCH] tools: hv: Fix how ifcfg-* file is created

2013-01-13 Thread Tomas Hozza
Fix for the daemon code and for hv_set_ifconfig.sh script, so that the created ifcfg-* file is consistent with initscripts documentation. Signed-off-by: Tomas Hozza --- tools/hv/hv_kvp_daemon.c| 59 ++--- tools/hv/hv_set_ifconfig.sh | 22

Re: [PATCH 1/2] tools: hv: Fix how ifcfg-* file is created

2013-01-11 Thread Tomas Hozza
There is a mistake in this patch. Sorry for this. I'll send a corrected one ASAP after testing it! - Original Message - > > > > -Original Message- > > From: Tomas Hozza [mailto:tho...@redhat.com] > > Sent: Tuesday, January 08, 2013 6:27 AM > > To

[PATCH 2/2] tools: hv: Use CLOEXEC when opening kvp_pool files

2013-01-08 Thread Tomas Hozza
Use CLOEXEC flag when opening kvp_pool_x files to prevent file descriptor leakage. Not using it was causing a problem when SELinux was enabled. Signed-off-by: Tomas Hozza --- tools/hv/hv_kvp_daemon.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tools/hv

[PATCH 1/2] tools: hv: Fix how ifcfg-* file is created

2013-01-08 Thread Tomas Hozza
Fix for the daemon code and for hv_set_ifconfig.sh script, so that the created ifcfg-* file is consistent with initscripts documentation. Signed-off-by: Tomas Hozza --- tools/hv/hv_kvp_daemon.c| 73 ++--- tools/hv/hv_set_ifconfig.sh | 22

Re: [PATCH 1/3] tools/hv: Fix for long file names from readdir

2012-12-18 Thread Tomas Hozza
eed for handling the > > truncation > > case. > > You are claiming two contradictory things: sprintf() may overrun the > buffer, so we need the length check provided by snprintf(), but there > is no need to check for truncation because we know the length is > sufficient

Re: [PATCH 1/3] tools/hv: Fix for long file names from readdir

2012-11-27 Thread Tomas Hozza
- Original Message - > On Tue, 2012-11-27 at 08:56 +0100, Tomas Hozza wrote: > > kvp_get_if_name and kvp_mac_to_if_name copy strings into statically > > sized buffers which could be too small to store really long names. > > > > Buffer sizes have been c

[PATCH 3/3] tools/hv: Fix permissions of created directory and files

2012-11-26 Thread Tomas Hozza
Hutchings Signed-off-by: Tomas Hozza --- tools/hv/hv_kvp_daemon.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/hv/hv_kvp_daemon.c b/tools/hv/hv_kvp_daemon.c index e266251..7105c7b 100644 --- a/tools/hv/hv_kvp_daemon.c +++ b/tools/hv/hv_kvp_daemon.c @@ -2

[PATCH 2/3] tools/hv: Fix /var subdirectory

2012-11-26 Thread Tomas Hozza
Initial patch by Ben Hutchings We will install this in /usr, so it must use /var/lib for its state. Only programs installed under /opt should use /var/opt. Signed-off-by: Tomas Hozza --- tools/hv/hv_kvp_daemon.c | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a

[PATCH 1/3] tools/hv: Fix for long file names from readdir

2012-11-26 Thread Tomas Hozza
ned-off-by: Tomas Hozza --- tools/hv/hv_kvp_daemon.c | 26 +- 1 file changed, 9 insertions(+), 17 deletions(-) diff --git a/tools/hv/hv_kvp_daemon.c b/tools/hv/hv_kvp_daemon.c index d25a469..90f1f07 100644 --- a/tools/hv/hv_kvp_daemon.c +++ b/tools/hv/hv_kvp_daemon.c @@ -

Re: [PATCH] tools: hv: Netlink source address validation allows DoS

2012-11-18 Thread Tomas Hozza
Hello. Just FYI there is already a CVE name CVE-2012-5532 for this issue. Regards, Tomas Hozza - Original Message - > On Thu, Nov 08, 2012 at 10:53:29AM +0100, Tomas Hozza wrote: > > The source code without this patch caused hypervkvpd to exit when > > it processed > &

Re: [PATCH] tools: hv: Netlink source address validation allows DoS

2012-11-15 Thread Tomas Hozza
- Original Message - > On Thu, Nov 08, 2012 at 10:53:29AM +0100, Tomas Hozza wrote: > > The source code without this patch caused hypervkvpd to exit when > > it processed > > a spoofed Netlink packet which has been sent from an untrusted > > local user. > >

[PATCH 3/3] tools/hv: Fix permissions of created directory and files

2012-11-12 Thread Tomas Hozza
Hutchings Signed-off-by: Tomas Hozza --- tools/hv/hv_kvp_daemon.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/hv/hv_kvp_daemon.c b/tools/hv/hv_kvp_daemon.c index a581b3f..17703c7 100644 --- a/tools/hv/hv_kvp_daemon.c +++ b/tools/hv/hv_kvp_daemon.c @@ -2

[PATCH 1/3] tools/hv: Fix /var subdirectory

2012-11-12 Thread Tomas Hozza
Initial patch by Ben Hutchings We will install this in /usr, so it must use /var/lib for its state. Only programs installed under /opt should use /var/opt. Signed-off-by: Tomas Hozza --- tools/hv/hv_kvp_daemon.c | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a

[PATCH 2/3] tools/hv: Fix string types

2012-11-09 Thread Tomas Hozza
Initial patch by Ben Hutchings Standard C strings are arrays of char, not __u8 (unsigned char). Declare variables and parameters accordingly, and add the necessary casts. Signed-off-by: Tomas Hozza --- tools/hv/hv_kvp_daemon.c | 10 +- 1 file changed, 5 insertions(+), 5 deletions

[PATCH 1/3] tools/hv: Fix /var subdirectory

2012-11-09 Thread Tomas Hozza
Initial patch by Ben Hutchings We will install this in /usr, so it must use /var/lib for its state. Only programs installed under /opt should use /var/opt. Signed-off-by: Tomas Hozza --- tools/hv/hv_kvp_daemon.c | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a

[PATCH 3/3] tools/hv: Fix permissions of created directory and files

2012-11-09 Thread Tomas Hozza
Hutchings Signed-off-by: Tomas Hozza --- tools/hv/hv_kvp_daemon.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/hv/hv_kvp_daemon.c b/tools/hv/hv_kvp_daemon.c index 573b9aa..9609858 100644 --- a/tools/hv/hv_kvp_daemon.c +++ b/tools/hv/hv_kvp_daemon.c @@ -2

[PATCH] Tools: hv: Fix for long file names from readdir

2012-11-09 Thread Tomas Hozza
ned-off-by: Tomas Hozza --- tools/hv/hv_kvp_daemon.c | 26 +- 1 file changed, 9 insertions(+), 17 deletions(-) diff --git a/tools/hv/hv_kvp_daemon.c b/tools/hv/hv_kvp_daemon.c index 13c2a14..54ecb95 100644 --- a/tools/hv/hv_kvp_daemon.c +++ b/tools/hv/hv_kvp_daemon.c @@ -

[PATCH] tools: hv: Netlink source address validation allows DoS

2012-11-08 Thread Tomas Hozza
The source code without this patch caused hypervkvpd to exit when it processed a spoofed Netlink packet which has been sent from an untrusted local user. Now Netlink messages with a non-zero nl_pid source address are ignored and a warning is printed into the syslog. Signed-off-by: Tomas Hozza

Re: [PATCH] Tools: hv: Fix for long file names from readdir

2012-11-08 Thread Tomas Hozza
> > -char dev_id[256]; > > +char dev_id[512]; > > Shouldn't that be PATH_MAX or similar? dirent->d_name should be PATH_MAX, but it is mostly not guaranteed. And then the dev_id is concatenated with two strings so it can exceed 256 bytes. After discussion with K. Y. Srinivasan I j

[PATCH] Tools: hv: Fix for long file names from readdir

2012-11-08 Thread Tomas Hozza
kvp_get_if_name and kvp_mac_to_if_name copy strings into statically sized buffers which could be too small to store really long names. Buffer sizes have been increased and length checks added via snprintf. Signed-off-by: Tomas Hozza --- tools/hv/hv_kvp_daemon.c | 25

[PATCH] tools: hv: Netlink source address validation allows DoS

2012-11-08 Thread Tomas Hozza
The source code without this patch caused hypervkvpd to exit when it processed a spoofed Netlink packet which has been sent from an untrusted local user. Now Netlink messages with a non-zero nl_pid source address are ignored and a warning is printed into the syslog. Signed-off-by: Tomas Hozza

Re: [PATCH] tools/hv/hv_kvp_daemon.c: Netlink source address validation allows DoS

2012-11-06 Thread Tomas Hozza
From 6199072f8131056efce208f04e6985d1f9968d8e Mon Sep 17 00:00:00 2001 From: Tomas Hozza Date: Mon, 5 Nov 2012 10:08:16 +0100 Subject: [PATCH] Netlink source address validation allows DoS The source code without this patch caused hypervkvpd to exit when it processed a spoofed Netlink pac

[PATCH] tools/hv/hv_kvp_daemon.c: Netlink source address validation allows DoS

2012-11-06 Thread Tomas Hozza
acket which has been sent from an untrusted local user. This patch is fixing this, so now the Netlink messages with a non-zero nl_pid source address are just ignored. Regards, Tomas Hozza Associate Software Engineer BaseOS - Brno, CZ From 6199072f8131056efce208f04e6985d1f9968d8e Mon Sep 17 00: