[Virtio-fs] [PATCH] virtiofsd: fix libfuse information leaks
Philippe Mathieu-Daudé
philmd at redhat.com
Fri Nov 22 12:59:44 UTC 2019
On 11/22/19 12:31 PM, Stefan Hajnoczi wrote:
> Some FUSE message replies contain padding fields that are not
> initialized by libfuse. This is fine in traditional FUSE applications
> because the kernel is trusted. virtiofsd does not trust the guest and
> must not expose uninitialized memory.
>
> Use C struct initializers to automatically zero out memory. Not all of
> these code changes are strictly necessary but they will prevent future
> information leaks if the structs are extended.
>
> Signed-off-by: Stefan Hajnoczi <stefanha at redhat.com>
Nice cleanup.
Reviewed-by: Philippe Mathieu-Daudé <philmd at redhat.com>
More information about the Virtio-fs
mailing list