[Libguestfs] ATTN: Denial of service attack possible on libguestfs 1.21.x, libguestfs.1.22.0
Richard W.M. Jones
rjones at redhat.com
Fri May 31 07:39:08 UTC 2013
This should fix it I think.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine. Supports Linux and Windows.
http://people.redhat.com/~rjones/virt-df/
-------------- next part --------------
>From ae8bb84ecd46d7b6ef557a87725923ac8d09dce0 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones at redhat.com>
Date: Fri, 31 May 2013 08:37:44 +0100
Subject: [PATCH] inspection: Don't segfault if /etc/SuSE-release is an empty
file.
Related to CVE-2013-2124.
Thanks: Olaf Hering.
---
src/inspect-fs-unix.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/inspect-fs-unix.c b/src/inspect-fs-unix.c
index 5fabaa2..da5fbf3 100644
--- a/src/inspect-fs-unix.c
+++ b/src/inspect-fs-unix.c
@@ -338,10 +338,11 @@ parse_suse_release (guestfs_h *g, struct inspect_fs *fs, const char *filename)
if (lines == NULL)
return -1;
+ if (lines[0] != NULL)
+ goto out;
+
/* First line is dist release name */
fs->product_name = safe_strdup (g, lines[0]);
- if (fs->product_name == NULL)
- goto out;
/* Match SLES first because openSuSE regex overlaps some SLES release strings */
if (match (g, fs->product_name, re_sles) || match (g, fs->product_name, re_nld)) {
--
1.8.2.1
More information about the Libguestfs
mailing list