render / rpms / libvirt

Forked from rpms/libvirt 9 months ago
Clone
Source Code
GIT

Blame SOURCES/libvirt-Fix-typo-in-identity-code-which-is-pre-requisite-for-CVE-2013-4311.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-rhel c8-sig-altarch-stream-rhel c8-stream-rhel c8s-sig-hyperscale c8s-stream-rhel c9 c9-beta c9s-sig-hyperscale libvirt-hyperscale-10.4.0 upgrade-hyperscale-libvirt
  1.   43fe83eaf730f3f7762e8a227cf503f95f7ca084
  2.   SOURCES
  3.   libvirt-Fix-typo-in-identity-code-which-is-pre-requisite-for-CVE-2013-4311.patch
Blob History Raw
43fe83 
From 141a54556cb19004ab72780417d315bfebbd872d Mon Sep 17 00:00:00 2001
43fe83 
Message-Id: <141a54556cb19004ab72780417d315bfebbd872d.1380112457.git.jdenemar@redhat.com>
43fe83 
From: "Daniel P. Berrange" <berrange@redhat.com>
43fe83 
Date: Mon, 23 Sep 2013 15:26:07 -0600
43fe83 
Subject: [PATCH] Fix typo in identity code which is pre-requisite for
43fe83 
 CVE-2013-4311
43fe83
43fe83 
https://bugzilla.redhat.com/show_bug.cgi?id=1006272
43fe83
43fe83 
The fix for CVE-2013-4311 had a pre-requisite enhancement
43fe83 
to the identity code
43fe83
43fe83 
  commit db7a5688c05f3fd60d9d2b74c72427eb9ee9c176
43fe83 
  Author: Daniel P. Berrange <berrange@redhat.com>
43fe83 
  Date:   Thu Aug 22 16:00:01 2013 +0100
43fe83
43fe83 
    Also store user & group ID values in virIdentity
43fe83
43fe83 
This had a typo which caused the group ID to overwrite the
43fe83 
user ID string. This meant any checks using this would have
43fe83 
the wrong ID value. This only affected the ACL code, not the
43fe83 
initial polkit auth. It also leaked memory.
43fe83
43fe83 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
43fe83 
(cherry picked from commit e4697b92abaad16e8e6b41a1e55be9b084d48d5a)
43fe83 
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
43fe83 
---
43fe83 
 src/rpc/virnetserverclient.c | 2 +-
43fe83 
 1 file changed, 1 insertion(+), 1 deletion(-)
43fe83
43fe83 
diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c
43fe83 
index 19c4100..0b9ab52 100644
43fe83 
--- a/src/rpc/virnetserverclient.c
43fe83 
+++ b/src/rpc/virnetserverclient.c
43fe83 
@@ -678,7 +678,7 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
43fe83 
             goto cleanup;
43fe83 
         if (!(groupname = virGetGroupName(gid)))
43fe83 
             goto cleanup;
43fe83 
-        if (virAsprintf(&userid, "%d", (int)gid) < 0)
43fe83 
+        if (virAsprintf(&groupid, "%d", (int)gid) < 0)
43fe83 
             goto cleanup;
43fe83 
         if (virAsprintf(&processid, "%llu",
43fe83 
                         (unsigned long long)pid) < 0)
43fe83 
--
43fe83 
1.8.3.2
43fe83

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation