[libvirt] [PATCH 1/3] BSD: Ensure UNIX socket credentials are valid

Tue Sep 24 16:44:54 UTC 2013

Ensure that the socket credentials we got back on BSD are valid before
using them.
---
 src/rpc/virnetsocket.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index b311aae..49c6ddc 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -1166,6 +1166,18 @@ int virNetSocketGetUNIXIdentity(virNetSocketPtr sock,
         return -1;
     }
 
+    if (cr.cr_version != XUCRED_VERSION) {
+        virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
+                       _("Failed to get valid client socket identity"));
+        return -1;
+    }
+
+    if (cr.cr_ngroups == 0) {
+        virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
+                       _("Failed to get valid client socket identity groups"));
+        return -1;
+    }
+
     *pid = -1;
     *uid = cr.cr_uid;
     *gid = cr.cr_gid;
-- 
1.8.1.5


