Re: [PATCH 055/104] virtiofsd: fix libfuse information leaks

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 055/104] virtiofsd: fix libfuse information leaks

From:	Daniel P . Berrangé
Subject:	Re: [PATCH 055/104] virtiofsd: fix libfuse information leaks
Date:	Mon, 6 Jan 2020 15:01:43 +0000
User-agent:	Mutt/1.12.1 (2019-06-15)

On Thu, Dec 12, 2019 at 04:38:15PM +0000, Dr. David Alan Gilbert (git) wrote:
> From: Stefan Hajnoczi <address@hidden>
> 
> Some FUSE message replies contain padding fields that are not
> initialized by libfuse.  This is fine in traditional FUSE applications
> because the kernel is trusted.  virtiofsd does not trust the guest and
> must not expose uninitialized memory.
> 
> Use C struct initializers to automatically zero out memory.  Not all of
> these code changes are strictly necessary but they will prevent future
> information leaks if the structs are extended.
> 
> Signed-off-by: Stefan Hajnoczi <address@hidden>
> ---
>  tools/virtiofsd/fuse_lowlevel.c | 150 ++++++++++++++++----------------
>  1 file changed, 76 insertions(+), 74 deletions(-)

Reviewed-by: Daniel P. Berrangé <address@hidden>


Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH 055/104] virtiofsd: fix libfuse information leaks, Daniel P . Berrangé <=
- Re: [PATCH 055/104] virtiofsd: fix libfuse information leaks, Philippe Mathieu-Daudé, 2020/01/15

Prev by Date: Re: [PATCH 054/104] virtiofsd: set maximum RLIMIT_NOFILE limit
Next by Date: Re: [PATCH 056/104] virtiofsd: add security guide document
Previous by thread: Re: [PATCH 054/104] virtiofsd: set maximum RLIMIT_NOFILE limit
Next by thread: Re: [PATCH 055/104] virtiofsd: fix libfuse information leaks
Index(es):
- Date
- Thread