Re: [PATCH] virtiofsd: fix libfuse information leaks

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] virtiofsd: fix libfuse information leaks

From:	Philippe Mathieu-Daudé
Subject:	Re: [PATCH] virtiofsd: fix libfuse information leaks
Date:	Fri, 22 Nov 2019 13:59:44 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.1.1

On 11/22/19 12:31 PM, Stefan Hajnoczi wrote:

Some FUSE message replies contain padding fields that are not
initialized by libfuse.  This is fine in traditional FUSE applications
because the kernel is trusted.  virtiofsd does not trust the guest and
must not expose uninitialized memory.

Use C struct initializers to automatically zero out memory.  Not all of
these code changes are strictly necessary but they will prevent future
information leaks if the structs are extended.

Signed-off-by: Stefan Hajnoczi <address@hidden>


Nice cleanup.
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] virtiofsd: fix libfuse information leaks, Stefan Hajnoczi, 2019/11/22
- Re: [PATCH] virtiofsd: fix libfuse information leaks, Philippe Mathieu-Daudé <=
- Re: [PATCH] virtiofsd: fix libfuse information leaks, Dr. David Alan Gilbert, 2019/11/22

Prev by Date: Re: [PATCH 2/6] iotests: Skip test 079 if it is not possible to create large files
Next by Date: Re: [PATCH v1 3/3] tests/vm/ubuntu: update i386 image to 18.04
Previous by thread: [PATCH] virtiofsd: fix libfuse information leaks
Next by thread: Re: [PATCH] virtiofsd: fix libfuse information leaks
Index(es):
- Date
- Thread