[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCHv2 2/2] openvz: avoid potential buffer overflow



2010/12/7 Eric Blake <eblake redhat com>:
> * src/openvz/openvz_conf.c (openvzLoadDomains): Replace unsafe
> sscanf with safe direct parsing.
> (openvzGetVEID): Avoid lost integer overflow detection.
> (openvzAssignUUIDs): Likewise, and detect readdir failure.
> ---
>
> v2: new patch; plugs a potential security hole, since
> *scanf("%s",fixed_width_buffer) is exploitable, but the
> exploit could only happen if /usr/sbin/vzlist is compromised.
>
>  src/openvz/openvz_conf.c |   39 +++++++++++++++++++++++++--------------
>  1 files changed, 25 insertions(+), 14 deletions(-)
>

ACK.

Matthias


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]