Re: [PATCH 055/104] virtiofsd: fix libfuse information leaks

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 055/104] virtiofsd: fix libfuse information leaks

From:	Philippe Mathieu-Daudé
Subject:	Re: [PATCH 055/104] virtiofsd: fix libfuse information leaks
Date:	Wed, 15 Jan 2020 18:07:40 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.2.2

On 12/12/19 5:38 PM, Dr. David Alan Gilbert (git) wrote:

From: Stefan Hajnoczi <address@hidden>

Some FUSE message replies contain padding fields that are not
initialized by libfuse.  This is fine in traditional FUSE applications
because the kernel is trusted.  virtiofsd does not trust the guest and
must not expose uninitialized memory.

Use C struct initializers to automatically zero out memory.  Not all of
these code changes are strictly necessary but they will prevent future
information leaks if the structs are extended.

Signed-off-by: Stefan Hajnoczi <address@hidden>
---
  tools/virtiofsd/fuse_lowlevel.c | 150 ++++++++++++++++----------------
  1 file changed, 76 insertions(+), 74 deletions(-)


Reviewed-by: Philippe Mathieu-Daudé <address@hidden>

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH 055/104] virtiofsd: fix libfuse information leaks, Daniel P . Berrangé, 2020/01/06
- Re: [PATCH 055/104] virtiofsd: fix libfuse information leaks, Philippe Mathieu-Daudé <=

Prev by Date: Re: [kvm-unit-tests PATCH v2 16/16] arm/arm64: ITS: pending table migration test
Next by Date: Re: [PATCH 054/104] virtiofsd: set maximum RLIMIT_NOFILE limit
Previous by thread: Re: [PATCH 055/104] virtiofsd: fix libfuse information leaks
Next by thread: Re: [PATCH 056/104] virtiofsd: add security guide document
Index(es):
- Date
- Thread