From bc206c2eb3712871fb737c1b9968b043dc3c9724 Mon Sep 17 00:00:00 2001 Message-Id: From: "Daniel P. Berrange" Date: Fri, 30 Aug 2013 11:16:14 +0100 Subject: [PATCH] Prohibit unbounded arrays in XDR protocols For https://bugzilla.redhat.com/show_bug.cgi?id=1002667 The use of <> is a security issue for RPC parameters, since a malicious client can set a huge array length causing arbitrary memory allocation in the daemon. It is also a robustness issue for RPC return values, because if the stream is corrupted, it can cause the client to also allocate arbitrary memory. Use a syntax-check rule to prohibit any use of <> Signed-off-by: Daniel P. Berrange (cherry picked from commit a4d1cfdc59ec18bfade96333cafd465dad7e40fb)
---
 cfg.mk | 6 ++++++ 1 file changed, 6 insertions(+)
diff --git a/cfg.mk b/cfg.mk
index c59d432..aa2e1a1 100644
--- a/cfg.mk
+++ b/cfg.mk
@@ -830,6 +830,12 @@ sc_prohibit_config_h_in_headers:
 halt='headers should not include ' \
 $(_sc_search_regexp)
+sc_prohibit_unbounded_arrays_in_rpc:
+ @prohibit='<>' \
+ in_vc_files='\.x$$' \
+ halt='Arrays in XDR must have a upper limit set for ' \
+ $(_sc_search_regexp)
+
 # We don't use this feature of maint.mk.
 prev_version_file = /dev/null
--
1.8.3.2
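Review bot: The pattern in `sc_prohibit_unbounded_arrays_in_rpc` matches only the literal two-character sequence `<>`, so a declaration written with whitespace between the brackets (which XDR's token-based grammar presumably accepts) would pass the check while still being unbounded. Consider `@prohibit='<[[:space:]]*>' \` instead, assuming `_sc_search_regexp` (defined outside this hunk) runs a grep that understands POSIX character classes. The rule is also purely lexical: it shows that a bound is written, not that the bound is small enough to cap the daemon's allocation, so each explicit limit in the `.x` files still needs review against what the daemon can afford to allocate per request. A one-line comment above the rule, such as `# Unbounded XDR arrays let the peer dictate allocation size; require an explicit maximum.`, would record why it exists, and the halt text should read "an upper limit".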