File 64ba268b-xenstore-fix-XSA-417.patch of Package xen.30824

Overview Repositories Revisions Requests Users Attributes Meta

File 64ba268b-xenstore-fix-XSA-417.patch of Package xen.30824

# Commit 0c53c638e16278078371ce028c74693841d7738a
# Date 2023-07-21 08:32:43 +0200
# Author Juergen Gross <jgross@suse.com>
# Committer Jan Beulich <jbeulich@suse.com>
tools/xenstore: fix XSA-417 patch

The fix for XSA-417 had a bug: domain_alloc_permrefs() will not return
a negative value in case of an error, but a plain errno value.

Note this is not considered to be a security issue, as the only case
where domain_alloc_permrefs() will return an error is a failed memory
allocation. As a guest should not be able to drive Xenstore out of
memory, this is NOT a problem a guest can trigger at will.

Fixes: ab128218225d ("tools/xenstore: fix checking node permissions")
Signed-off-by: Juergen Gross <jgross@suse.com>
Acked-by: Julien Grall <jgrall@amazon.com>

--- a/tools/xenstore/xenstored_core.c
+++ b/tools/xenstore/xenstored_core.c
@@ -1674,7 +1674,7 @@ static int do_set_perms(const void *ctx,
 	if (!xs_strings_to_perms(perms.p, perms.num, permstr))
 		return errno;
 
-	if (domain_alloc_permrefs(&perms) < 0)
+	if (domain_alloc_permrefs(&perms))
 		return ENOMEM;
 	if (perms.p[0].perms & XS_PERM_IGNORE)
 		return ENOENT;

Places

File 64ba268b-xenstore-fix-XSA-417.patch of Package xen.30824

Places