[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCHv2 2/5] domifaddr: Implement the remote protocol



On Sun, Aug 18, 2013 at 03:33:16PM +0800, Osier Yang wrote:
> On 15/08/13 17:36, Daniel P. Berrange wrote:
> >>diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x
> >>index 7cfebdf..06929e7 100644
> >>--- a/src/remote/remote_protocol.x
> >>+++ b/src/remote/remote_protocol.x
> >>@@ -2837,6 +2837,27 @@ struct remote_domain_event_device_removed_msg {
> >>      remote_nonnull_string devAlias;
> >>  };
> >>+struct remote_domain_ip_addr {
> >>+    int type;
> >>+    remote_nonnull_string addr;
> >>+    int prefix;
> >>+};
> >>+
> >>+struct remote_domain_interface {
> >>+    remote_nonnull_string name;
> >>+    remote_string hwaddr;
> >>+    remote_domain_ip_addr ip_addrs<>;
> >Use of <> *NOT* allowed - this is a security flaw allowing the client
> >to trigger DOS on libvirtd allocating memory. Follow the examples of
> >other APis which set an explicit limit.	
>
> In that case, we have bug on APIs like listAllDomains too, as they use
> variable-length array too.

Sigh. In future please don't report security problems like that on this
mailing list. We have a dedicated security list for responsible disclosure
of issues in libvirt released code.

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]