[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libguestfs] ATTN: Denial of service attack possible on libguestfs 1.21.x, libguestfs.1.22.0

This should fix it I think.


Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine.  Supports Linux and Windows.
>From ae8bb84ecd46d7b6ef557a87725923ac8d09dce0 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones redhat com>
Date: Fri, 31 May 2013 08:37:44 +0100
Subject: [PATCH] inspection: Don't segfault if /etc/SuSE-release is an empty

Related to CVE-2013-2124.

Thanks: Olaf Hering.
 src/inspect-fs-unix.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/inspect-fs-unix.c b/src/inspect-fs-unix.c
index 5fabaa2..da5fbf3 100644
--- a/src/inspect-fs-unix.c
+++ b/src/inspect-fs-unix.c
@@ -338,10 +338,11 @@ parse_suse_release (guestfs_h *g, struct inspect_fs *fs, const char *filename)
   if (lines == NULL)
     return -1;
+  if (lines[0] != NULL)
+    goto out;
   /* First line is dist release name */
   fs->product_name = safe_strdup (g, lines[0]);
-  if (fs->product_name == NULL)
-    goto out;
   /* Match SLES first because openSuSE regex overlaps some SLES release strings */
   if (match (g, fs->product_name, re_sles) || match (g, fs->product_name, re_nld)) {

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]