I stumbled upon a buffer overflow / stack smash present in "test/commandhelper.c" that could be triggered by e.g.

    $ ./tests/commandhelper --readfd 0 --readfd 0 --readfd 0 --readfd x
    Could not parse fd x
    *** stack smashing detected ***: terminated
    Aborted (core dumped)

This series cleans up the file and fixes the buffer overflow.

Note that it does not touch the "prevent malloc with zero size" issue discussed in https://www.redhat.com/archives/libvir-list/2021-January/msg01160.html, this will be done in the other series.

V1: https://www.redhat.com/archives/libvir-list/2021-January/msg01246.html

Changes since V1:
* Patch 3: Treat '=' as null byte in string comparison, preserving the "compare only the keys" semantics.
* Patch 14: Overallocate 'buffers' by one, to null terminate the list of strings. This makes the cleanup function of 'buffers' independent of 'args->numreadfs'.
* Patch 15: Fix a memory leak (that was fixed in last patch anyway).
* Patch 16..: Rewritten to explicitly not use any glib code.
* Added conversion of 'printInput' to automatic memory management.

Cheers,
Tim

Tim Wiederhake (20):
  commandhelper: Remove origenv variable
  commandhelper: Remove numpollfds variable
  commandhelper: Simplify envsort
  commandhelper: Consolidate error paths
  commandhelper: Consolidate argument parsing
  commandhelper: Split argument parsing and printing
  commandhelper: Factor out parseArguments
  commandhelper: Factor out printArguments
  commandhelper: Factor out printEnvironment
  commandhelper: Factor out printFds
  commandhelper: Factor out printDaemonization
  commandhelper: Factor out printCwd
  commandhelper: Factor out printInput
  commandhelper: Make number of fds variable in printInput
  commandhelper: Make number of fds variable in parseArguments
  commandhelper: Use automatic memory management in parseArguments
  commandhelper: Use automatic memory management in printEnvironment
  commandhelper: Use automatic memory management in printCwd
  commandhelper: Use automatic memory management in printInput
  commandhelper: Use automatic memory management in main

 tests/commandhelper.c | 344 ++++++++++++++++++++++++++++--------------
 1 file changed, 229 insertions(+), 115 deletions(-)

--
2.26.2