Re: [PATCH 08/10] util: Introduce 'virpin' module for dealing with PIN numbers

[Ján Tomko <jtomko@xxxxxxxxxx>]

On Mon, Apr 01, 2019 at 03:04:59PM +0200, Peter Krempa wrote:
> In https://www.redhat.com/archives/libvir-list/2019-February/msg01475.html
> I was notified that I forgot to deal with the possibility that the JSON
> number would contain jtomko's PIN number. I had to look around for a
> leaked list of PIN numbers to avoid the problem described in the review.
>
> This commit implements a checker which will allow deciding when to nuke
> the JSON number string. We obviously have to spare a few CPU cycles to
> make Jano feel safer.
> ---
> src/libvirt_private.syms |    4 +
> src/util/Makefile.inc.am |    2 +
> src/util/virpin.c        | 1053 ++++++++++++++++++++++++++++++++++++++
> src/util/virpin.h        |   30 ++
> tests/utiltest.c         |   30 ++
> 5 files changed, 1119 insertions(+)
> create mode 100644 src/util/virpin.c
> create mode 100644 src/util/virpin.h

Sensible-chuckle-by: Ján Tomko <jtomko@xxxxxxxxxx>

> +/* This is a list of leaked pin codes obtained from
> + * https://pastebin.com/2qbRKh3R which I've found on the dark web. */

I'm not sure merging this is acceptable w/r/t to D-C-O.

> +static const char *virPinList[] = {

[...]

> +"1190", "1191", "1192", "1193", "1194", "1195", "1196", "1197", "1198", "1199",
> +"1200", "1201", "1202", "1203", "1204", "1205", "1206", "1207", "1208", "1209",
> +"1210", "1211", "1212", "1213", "1214", "1215", "1216", "1217", "1218", "1219",
> +"1220", "1221", "1222", "1223", "1224", "1225", "1226", "1227", "1228", "1229",
> +"1230", "1231", "1232", "1233", "1234", "1235", "1236", "1237", "1238", "1239",
Oh, look, here it is!              ^^^^

> +"1240", "1241", "1242", "1243", "1244", "1245", "1246", "1247", "1248", "1249",
> +"1250", "1251", "1252", "1253", "1254", "1255", "1256", "1257", "1258", "1259",
> +"1260", "1261", "1262", "1263", "1264", "1265", "1266", "1267", "1268", "1269",
> +"1270", "1271", "1272", "1273", "1274", "1275", "1276", "1277", "1278", "1279",
> +"1280", "1281", "1282", "1283", "1284", "1285", "1286", "1287", "1288", "1289",
> +"1290", "1291", "1292", "1293", "1294", "1295", "1296", "1297", "1298", "1299",

Jano

Attachment: signature.asc
Description: PGP signature

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list