[libvirt] [PATCHv2 2/5] domifaddr: Implement the remote protocol
Daniel P. Berrange
berrange at redhat.com
Mon Aug 19 11:16:43 UTC 2013
On Sun, Aug 18, 2013 at 03:33:16PM +0800, Osier Yang wrote:
> On 15/08/13 17:36, Daniel P. Berrange wrote:
> >>diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x
> >>index 7cfebdf..06929e7 100644
> >>--- a/src/remote/remote_protocol.x
> >>+++ b/src/remote/remote_protocol.x
> >>@@ -2837,6 +2837,27 @@ struct remote_domain_event_device_removed_msg {
> >> remote_nonnull_string devAlias;
> >> };
> >>+struct remote_domain_ip_addr {
> >>+ int type;
> >>+ remote_nonnull_string addr;
> >>+ int prefix;
> >>+};
> >>+
> >>+struct remote_domain_interface {
> >>+ remote_nonnull_string name;
> >>+ remote_string hwaddr;
> >>+ remote_domain_ip_addr ip_addrs<>;
> >Use of <> *NOT* allowed - this is a security flaw allowing the client
> >to trigger DOS on libvirtd allocating memory. Follow the examples of
> >other APis which set an explicit limit.
>
> In that case, we have bug on APIs like listAllDomains too, as they use
> variable-length array too.
Sigh. In future please don't report security problems like that on this
mailing list. We have a dedicated security list for responsible disclosure
of issues in libvirt released code.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list