Re: [PATCH v3 2/2] tools/xenstore: fix get_spec_node()
- To: Juergen Gross <jgross@xxxxxxxx>
- From: Jan Beulich <jbeulich@xxxxxxxx>
- Date: Thu, 3 Aug 2023 11:53:33 +0200
- Cc: Wei Liu <wl@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Julien Grall <jgrall@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
- Delivery-date: Thu, 03 Aug 2023 09:53:46 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 27.07.2023 09:55, Juergen Gross wrote:
> On 27.07.23 09:53, Jan Beulich wrote:
>> On 24.07.2023 12:33, Juergen Gross wrote:
>>> In case get_spec_node() is being called for a special node starting
>>> with '@' it won't set *canonical_name. This can result in a crash of
>>> xenstored due to dereferencing the uninitialized name in
>>> fire_watches().
>>>
>>> This is no security issue as it requires either a privileged caller or
>>> ownership of the special node in question by an unprivileged caller
>>> (which is questionable, as this would make the owner privileged in some
>>> way).
>>>
>>> Fixes: d6bb63924fc2 ("tools/xenstore: introduce dummy nodes for special
>>> watch paths")
>>> Signed-off-by: Juergen Gross <jgross@xxxxxxxx>
>>> Reviewed-by: Julien Grall <jgrall@xxxxxxxxxx>
>>
>> I've committed the two patches, and I've queued this one for backporting.
>
> Thanks.
>
>> Can at least one of you please confirm that the earlier patch is not
>> intended to be backported, and that instead a cast will need adding in
>> the backport of the one here?
>
> Yes, that was the plan.

Hmm, looks like the offending patch exists only on the master branch.

Jan