Re: [PATCH] tools/kvm_stat: fix attack vector with user controlled FUSE mounts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Signed-off-by: Matthias Gerstner <matthias.gerstner@xxxxxxx>

On Sun, Nov 06, 2022 at 09:43:04AM +0100, Paolo Bonzini wrote:
> On 11/3/22 14:59, Matthias Gerstner wrote:
> > The fix is simply to use the file system type field instead. Whitespace
> > in the mount path is escaped in /proc/mounts thus no further safety
> > measures in the parsing should be necessary to make this correct.
> > ---
> >   tools/kvm/kvm_stat/kvm_stat | 2 +-
> >   1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> 
> Matthias, both this patch and the one you sent to linux-afs need to 
> include a "Signed-off-by" line, for example:
> 
> ###
> ###	Signed-off-by: Matthias Gerstner <matthias.gerstner@xxxxxxx>
> ###
> 
> The meaning of this is visible at https://developercertificate.org/.
> 
> For this patch you can just reply to the message with the above line 
> (without the "###" in front) and I'll accept it.  However, for linux-afs 
> I suggest that you just resend it.  Just committing your patch with the 
> "-s" command line argument will include the line for you.
> 
> Thanks,
> 
> Paolo
> 
> > diff --git a/tools/kvm/kvm_stat/kvm_stat b/tools/kvm/kvm_stat/kvm_stat
> > index 9c366b3a676d..88a73999aa58 100755
> > --- a/tools/kvm/kvm_stat/kvm_stat
> > +++ b/tools/kvm/kvm_stat/kvm_stat
> > @@ -1756,7 +1756,7 @@ def assign_globals():
> >   
> >       debugfs = ''
> >       for line in open('/proc/mounts'):
> > -        if line.split(' ')[0] == 'debugfs':
> > +        if line.split(' ')[2] == 'debugfs':
> >               debugfs = line.split(' ')[1]
> >               break
> >       if debugfs == '':
> 

Attachment: signature.asc
Description: PGP signature


[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux