|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen stable-4.7] tools/oxenstored: Make evaluation order explicit
commit df66c1cb192649f55c6756b25c802807d1ce7959
Author: Christian Lindig <christian.lindig@xxxxxxxxxx>
AuthorDate: Mon Aug 13 17:26:56 2018 +0100
Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Tue Aug 14 17:27:59 2018 +0100
tools/oxenstored: Make evaluation order explicit
In Store.path_write(), Path.apply_modify() updates the node_created
reference and both the value of apply_modify() and node_created are
returned by path_write().
At least with OCaml 4.06.1 this leads to the value of node_created being
returned *before* it is updated by apply_modify(). This in turn leads
to the quota for a domain not being updated in Store.write(). Hence, a
guest can create an unlimited number of entries in xenstore.
The fix is to make evaluation order explicit.
This is XSA-272.
Signed-off-by: Christian Lindig <christian.lindig@xxxxxxxxxx>
Reviewed-by: Rob Hoes <rob.hoes@xxxxxxxxxx>
(cherry picked from commit 73392c7fd14c59f8c96e0b2eeeb329e4ae9086b6)
---
tools/ocaml/xenstored/store.ml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tools/ocaml/xenstored/store.ml b/tools/ocaml/xenstored/store.ml
index 9f619b8fd5..8b0727f8a8 100644
--- a/tools/ocaml/xenstored/store.ml
+++ b/tools/ocaml/xenstored/store.ml
@@ -257,7 +257,8 @@ let path_write store perm path value =
Node.check_perm store.root perm Perms.WRITE;
Node.set_value store.root value, false
) else
- Path.apply_modify store.root path do_write, !node_created
+ let root = Path.apply_modify store.root path do_write in
+ root, !node_created
let path_rm store perm path =
let do_rm node name =
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.7
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |