Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
qemu-linux-user
0356-9pfs-fix-information-leak-in-xattr-.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0356-9pfs-fix-information-leak-in-xattr-.patch of Package qemu-linux-user
From 75ae2920545a0f706993284f7beaed01d34f6e92 Mon Sep 17 00:00:00 2001 From: Li Qiang <liqiang6-s@360.cn> Date: Mon, 17 Oct 2016 14:13:58 +0200 Subject: [PATCH] 9pfs: fix information leak in xattr read 9pfs uses g_malloc() to allocate the xattr memory space, if the guest reads this memory before writing to it, this will leak host heap memory to the guest. This patch avoid this. Signed-off-by: Li Qiang <liqiang6-s@360.cn> Reviewed-by: Greg Kurz <groug@kaod.org> Signed-off-by: Greg Kurz <groug@kaod.org> (cherry picked from commit eb687602853b4ae656e9236ee4222609f3a6887d) [BR: CVE-2016-9103 BSC#1007454] Signed-off-by: Bruce Rogers <brogers@suse.com> --- hw/9pfs/9p.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c index 134c329df6..deccb04017 100644 --- a/hw/9pfs/9p.c +++ b/hw/9pfs/9p.c @@ -3142,7 +3142,7 @@ static void v9fs_xattrcreate(void *opaque) xattr_fidp->fs.xattr.flags = flags; v9fs_string_init(&xattr_fidp->fs.xattr.name); v9fs_string_copy(&xattr_fidp->fs.xattr.name, &name); - xattr_fidp->fs.xattr.value = g_malloc(size); + xattr_fidp->fs.xattr.value = g_malloc0(size); err = offset; put_fid(pdu, file_fidp); out_nofid:
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor