 Re: [PATCH v3 2/2] tools/xenstore: fix get_spec_node()
 
To: Juergen Gross <jgross@xxxxxxxx>
From: Jan Beulich <jbeulich@xxxxxxxx>
Date: Thu, 27 Jul 2023 09:53:01 +0200
Cc: Wei Liu <wl@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Julien Grall <jgrall@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 27 Jul 2023 07:53:41 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

 On 24.07.2023 12:33, Juergen Gross wrote:
> In case get_spec_node() is being called for a special node starting
> with '@' it won't set *canonical_name. This can result in a crash of
> xenstored due to dereferencing the uninitialized name in
> fire_watches().
> 
> This is no security issue as it requires either a privileged caller or
> ownership of the special node in question by an unprivileged caller
> (which is questionable, as this would make the owner privileged in some
> way).
> 
> Fixes: d6bb63924fc2 ("tools/xenstore: introduce dummy nodes for special watch paths")
> Signed-off-by: Juergen Gross <jgross@xxxxxxxx>
> Reviewed-by: Julien Grall <jgrall@xxxxxxxxxx>

I've committed the two patches, and I've queued this one for backporting.
Can at least one of you please confirm that the earlier patch is not
intended to be backported, and that instead a cast will need adding in
the backport of the one here?

Jan