[libvirt] [PATCH 1/2] api: disallow virDomainGetHostname for read-only connections
Daniel P. Berrangé
berrange at redhat.com
Wed Apr 3 14:00:49 UTC 2019
The virDomainGetHostname API is fetching guest information and this may
involve use of an untrusted guest agent. As such its use must be
forbidden on a read-only connection to libvirt.
Fixes CVE-2019-3886
Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
---
src/libvirt-domain.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
index be5b1f6740..baf21824fe 100644
--- a/src/libvirt-domain.c
+++ b/src/libvirt-domain.c
@@ -11031,6 +11031,8 @@ virDomainGetHostname(virDomainPtr domain, unsigned int flags)
virCheckDomainReturn(domain, NULL);
conn = domain->conn;
+ virCheckReadOnlyGoto(domain->conn->flags, error);
+
if (conn->driver->domainGetHostname) {
char *ret;
ret = conn->driver->domainGetHostname(domain, flags);
--
2.20.1
More information about the libvir-list
mailing list