[PATCH v3 1/4] tools: virt-login-shell: Fix group list bounds checking

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The list certainly isn't zero terminated and it would isallow usage of
group 'root'. Pass in the array size and match against it.
---
 tools/virt-login-shell.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/tools/virt-login-shell.c b/tools/virt-login-shell.c
index 38fcb9e..96ca410 100644
--- a/tools/virt-login-shell.c
+++ b/tools/virt-login-shell.c
@@ -47,7 +47,8 @@ static const char *conf_file = SYSCONFDIR "/libvirt/virt-login-shell.conf";

 static int virLoginShellAllowedUser(virConfPtr conf,
                                     const char *name,
-                                    gid_t *groups)
+                                    gid_t *groups,
+                                    size_t ngroups)
 {
     virConfValuePtr p;
     int ret = -1;
@@ -74,7 +75,7 @@ static int virLoginShellAllowedUser(virConfPtr conf,
                     ptr = &pp->str[1];
                     if (!*ptr)
                         continue;
-                    for (i = 0; groups[i]; i++) {
+                    for (i = 0; i < ngroups; i++) {
                         if (!(gname = virGetGroupName(groups[i])))
                             continue;
                         if (fnmatch(ptr, gname, 0) == 0) {
@@ -306,7 +307,7 @@ main(int argc, char **argv)
     if ((ngroups = virGetGroupList(uid, gid, &groups)) < 0)
         goto cleanup;

-    if (virLoginShellAllowedUser(conf, name, groups) < 0)
+    if (virLoginShellAllowedUser(conf, name, groups, ngroups) < 0)
         goto cleanup;

     if (virLoginShellGetShellArgv(conf, &shargv, &shargvlen) < 0)
-- 
2.8.3

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]