On Tue, Apr 16, 2024 at 12:58:53PM +0200, Ján Tomko wrote:
> On a Tuesday in 2024, Daniel P. Berrangé wrote:
> > The typed parameter array must be either 0, or a positive
> > number.
> >
>
> Does this matter?
>
> The API documentation says:
> * @nparams: pointer to received number of interface parameter
>
> and it looks like we ignore the number as long as params is NULL.
This missing check is something I noticed when fixing the recent
CVE about RPC checking nparams. In all other APIs we have such
a virCheckNonNegativeArgGoto for '*nparams', this was the only
one that was missing.
I believe it is harmless in terms of risk to libvirt/libvirtd,
but it might lead to better detection/reporting of bugs in apps.
> > Signed-off-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
> > ---
> > src/libvirt-network.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/src/libvirt-network.c b/src/libvirt-network.c
> > index ef17a8a04d..e467716b6a 100644
> > --- a/src/libvirt-network.c
> > +++ b/src/libvirt-network.c
> > @@ -1577,6 +1577,8 @@ virNetworkPortGetParameters(virNetworkPortPtr port,
> > virCheckNetworkPortReturn(port, -1);
> > conn = port->net->conn;
> >
> > + virCheckNonNegativeArgGoto(*nparams, error);
> > +
> > if (conn->networkDriver && conn->networkDriver->networkPortGetParameters) {
> > int ret;
> > ret = conn->networkDriver->networkPortGetParameters(port, params, nparams, flags);
> > --
> > 2.43.0
> > _______________________________________________
> > Devel mailing list -- devel@xxxxxxxxxxxxxxxxx
> > To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxx
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
_______________________________________________
Devel mailing list -- devel@xxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxx
