[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen-unstable] ioemu: Improve xenstore_read_vncpasswd().

# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1201185226 0
# Node ID edc268331a9e6233764f84860a62d0030f25835a
# Parent  db620f1c9d3077e732440d1088e608b6d5530daa
ioemu: Improve xenstore_read_vncpasswd().
From: Peter Johnston <peter.johnston@xxxxxxxxxx>
Signed-off-by: Keir Fraser <keir.fraser@xxxxxxxxxx>
---
 tools/ioemu/xenstore.c |   25 +++++++++++++++----------
 1 files changed, 15 insertions(+), 10 deletions(-)

diff -r db620f1c9d30 -r edc268331a9e tools/ioemu/xenstore.c
--- a/tools/ioemu/xenstore.c    Thu Jan 24 14:29:13 2008 +0000
+++ b/tools/ioemu/xenstore.c    Thu Jan 24 14:33:46 2008 +0000
@@ -492,7 +492,7 @@ void xenstore_read_vncpasswd(int domid, 
 void xenstore_read_vncpasswd(int domid, char *pwbuf, size_t pwbuflen)
 {
     char *buf = NULL, *path, *uuid = NULL, *passwd = NULL;
-    unsigned int i, len, rc = 0;
+    unsigned int i, len;
 
     pwbuf[0] = '\0';
 
@@ -506,33 +506,38 @@ void xenstore_read_vncpasswd(int domid, 
     }
 
     pasprintf(&buf, "%s/vm", path);
+    free(path);
     uuid = xs_read(xsh, XBT_NULL, buf, &len);
     if (uuid == NULL) {
         fprintf(logfile, "xs_read(): uuid get error. %s.\n", buf);
-        free(path);
+        free(buf);
         return;
     }
 
     pasprintf(&buf, "%s/vncpasswd", uuid);
+    free(uuid);
     passwd = xs_read(xsh, XBT_NULL, buf, &len);
     if (passwd == NULL) {
         fprintf(logfile, "xs_read(): vncpasswd get error. %s.\n", buf);
-        free(uuid);
-        free(path);
+        free(buf);
         return;
     }
 
-    for (i=0; i<len && i<pwbuflen; i++)
+    if (len >= pwbuflen)
+    {
+        fprintf(logfile, "xenstore_read_vncpasswd(): truncated password to 
avoid buffer overflow\n");
+        len = pwbuflen - 1;
+    }
+
+    for (i=0; i<len; i++)
         pwbuf[i] = passwd[i];
-    pwbuf[len < (pwbuflen-1) ? len : (pwbuflen-1)] = '\0';
+    pwbuf[len] = '\0';
     passwd[0] = '\0';
-    pasprintf(&buf, "%s/vncpasswd", uuid);
-    if (xs_write(xsh, XBT_NULL, buf, passwd, len) == 0)
+    if (xs_write(xsh, XBT_NULL, buf, passwd, 1) == 0)
         fprintf(logfile, "xs_write() vncpasswd failed.\n");
 
     free(passwd);
-    free(uuid);
-    free(path);
+    free(buf);
 }
 
 

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.