[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 18/28] xenstored: handle unlikely failure better in ask_parents



On Thu, Sep 26, 2013 at 1:06 AM, Ian Campbell <Ian.Campbell@xxxxxxxxxx> wrote:
> On Wed, 2013-09-18 at 15:37 +1200, Matthew Daley wrote:
>> Coverity-ID: 1055277
>> Signed-off-by: Matthew Daley <mattjd@xxxxxxxxx>
>> ---
>>  tools/xenstore/xenstored_core.c |    4 +++-
>>  1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/tools/xenstore/xenstored_core.c 
>> b/tools/xenstore/xenstored_core.c
>> index a2cf2a6..0f8ba64 100644
>> --- a/tools/xenstore/xenstored_core.c
>> +++ b/tools/xenstore/xenstored_core.c
>> @@ -523,8 +523,10 @@ static enum xs_perm_type ask_parents(struct connection 
>> *conn, const char *name)
>>       } while (!streq(name, "/"));
>>
>>       /* No permission at root?  We're in trouble. */
>> -     if (!node)
>> +     if (!node) {
>>               corrupt(conn, "No permissions file at root");
>
> Seems almost abort/assert worthy but maybe there is a possible DoS in
> that (I haven't looked/thought/checked). So I'll apply this one.

I thought that too, but corrupt() does return after doing actual
checks/cleaning on the underlying store (FWIW), so it might be worth
letting it flounder a bit longer...

>
>> +             return XS_PERM_NONE;
>> +     }
>>
>>       return perm_for_conn(conn, node->perms, node->num_perms);
>>  }
>
>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.