[Qemu-commits] [qemu/qemu] 7bd927: 9pfs: use g

qemu-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-commits] [qemu/qemu] 7bd927: 9pfs: use g_malloc0 to allocate space

From:	GitHub
Subject:	[Qemu-commits] [qemu/qemu] 7bd927: 9pfs: use g_malloc0 to allocate space for xattr
Date:	Tue, 17 Oct 2017 03:28:40 -0700

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 7bd92756303f2158a68d5166264dc30139b813b6
      
https://github.com/qemu/qemu/commit/7bd92756303f2158a68d5166264dc30139b813b6
  Author: Prasad J Pandit <address@hidden>
  Date:   2017-10-16 (Mon, 16 Oct 2017)

  Changed paths:
    M hw/9pfs/9p.c

  Log Message:
  -----------
  9pfs: use g_malloc0 to allocate space for xattr

9p back-end first queries the size of an extended attribute,
allocates space for it via g_malloc() and then retrieves its
value into allocated buffer. Race between querying attribute
size and retrieving its could lead to memory bytes disclosure.
Use g_malloc0() to avoid it.

Reported-by: Tuomas Tynkkynen <address@hidden>
Signed-off-by: Prasad J Pandit <address@hidden>
Signed-off-by: Greg Kurz <address@hidden>


  Commit: 9f99c85c4a364f8de8134eb53b0cc1b84ded4b3f
      
https://github.com/qemu/qemu/commit/9f99c85c4a364f8de8134eb53b0cc1b84ded4b3f
  Author: Peter Maydell <address@hidden>
  Date:   2017-10-17 (Tue, 17 Oct 2017)

  Changed paths:
    M hw/9pfs/9p.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/gkurz/tags/for-upstream' into staging

This fixes a potential data leak to the guest.

# gpg: Signature made Mon 16 Oct 2017 16:08:25 BST
# gpg:                using DSA key 0x02FC3AEB0101DBC2
# gpg: Good signature from "Greg Kurz <address@hidden>"
# gpg:                 aka "Greg Kurz <address@hidden>"
# gpg:                 aka "Greg Kurz <address@hidden>"
# gpg:                 aka "Gregory Kurz (Groug) <address@hidden>"
# gpg:                 aka "[jpeg image of size 3330]"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 2BD4 3B44 535E C0A7 9894  DBA2 02FC 3AEB 0101 DBC2

* remotes/gkurz/tags/for-upstream:
  9pfs: use g_malloc0 to allocate space for xattr

Signed-off-by: Peter Maydell <address@hidden>


Compare: https://github.com/qemu/qemu/compare/a4faa2685769...9f99c85c4a36

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-commits] [qemu/qemu] 7bd927: 9pfs: use g_malloc0 to allocate space for xattr, GitHub <=

Prev by Date: [Qemu-commits] [qemu/qemu] aef45d: build: automatically handle GIT submodule checkout...
Next by Date: [Qemu-commits] [qemu/qemu] 89382c: sockets: factor out a new try_bind() function
Previous by thread: [Qemu-commits] [qemu/qemu] aef45d: build: automatically handle GIT submodule checkout...
Next by thread: [Qemu-commits] [qemu/qemu] 89382c: sockets: factor out a new try_bind() function
Index(es):
- Date
- Thread