[Libguestfs] [PATCH] Add a test for an executable stack in libguestfs.so
Matthew Booth
mbooth at redhat.com
Wed Aug 5 11:01:19 UTC 2009
On 05/08/09 11:58, Richard W.M. Jones wrote:
> On Wed, Aug 05, 2009 at 11:45:02AM +0100, Matthew Booth wrote:
>> I've updated the patch. It's now in regressions, and checks both
>> libguestfs.so and the guest daemon. It occurs to me that it's the
>> daemon that's would get an executable stack from the specific patch
>> I posted the other day. However, would this actually matter
>> specifically for the daemon?
>
> Duh yes, you're right. I was checking the wrong executable.
>
> $ readelf -l daemon/guestfsd
> [...]
> GNU_STACK 0x0000000000000000 0x0000000000000000 0x0000000000000000
> 0x0000000000000000 0x0000000000000000 RWE 8
>
> So your patch *does* make the daemon stack executable.
>
> Does it matter for the daemon? Probably yes. We should avoid
> allowing code to be injected into the appliance. For example if there
> was a malicious string which was passed into libguestfs from user
> input, then the additional stack guards would be our last line of
> defence.
>
> Also rpmlint will give a warning about this.
>
> NAK I'm afraid. However just hoisting those functions out so they are
> not nested should make it OK. Don't forget the other two things I
> raised in the original review.
Just to confirm, that NAK is for the original patch, not for this patch?
Agree I'll update the original patch not to use nested function.
Matt
--
Matthew Booth, RHCA, RHCSS
Red Hat Engineering, Virtualisation Team
M: +44 (0)7977 267231
GPG ID: D33C3490
GPG FPR: 3733 612D 2D05 5458 8A8A 1600 3441 EA19 D33C 3490
More information about the Libguestfs
mailing list