|
 |
adeaf8 |
From b4e1fb2febb00173b1489634262169554e8f6a1d Mon Sep 17 00:00:00 2001
|
|
|
adeaf8 |
From: "Daniel P. Berrange" <berrange@redhat.com>
|
|
|
adeaf8 |
Date: Mon, 23 Sep 2013 12:46:25 +0100
|
|
|
adeaf8 |
Subject: [PATCH] Fix typo in identity code which is pre-requisite for
|
|
|
adeaf8 |
CVE-2013-4311
|
|
|
adeaf8 |
|
|
|
adeaf8 |
The fix for CVE-2013-4311 had a pre-requisite enhancement
|
|
|
adeaf8 |
to the identity code
|
|
|
adeaf8 |
|
|
|
adeaf8 |
commit db7a5688c05f3fd60d9d2b74c72427eb9ee9c176
|
|
|
adeaf8 |
Author: Daniel P. Berrange <berrange@redhat.com>
|
|
|
adeaf8 |
Date: Thu Aug 22 16:00:01 2013 +0100
|
|
|
adeaf8 |
|
|
|
adeaf8 |
Also store user & group ID values in virIdentity
|
|
|
adeaf8 |
|
|
|
adeaf8 |
This had a typo which caused the group ID to overwrite the
|
|
|
adeaf8 |
user ID string. This meant any checks using this would have
|
|
|
adeaf8 |
the wrong ID value. This only affected the ACL code, not the
|
|
|
adeaf8 |
initial polkit auth. It also leaked memory.
|
|
|
adeaf8 |
|
|
|
adeaf8 |
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
|
|
adeaf8 |
---
|
|
|
adeaf8 |
src/rpc/virnetserverclient.c | 2 +-
|
|
|
adeaf8 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
adeaf8 |
|
|
|
adeaf8 |
diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c
|
|
|
adeaf8 |
index 19c4100..0b9ab52 100644
|
|
|
adeaf8 |
--- a/src/rpc/virnetserverclient.c
|
|
|
adeaf8 |
+++ b/src/rpc/virnetserverclient.c
|
|
|
adeaf8 |
@@ -678,7 +678,7 @@ virNetServerClientCreateIdentity(virNetServerClientPtr client)
|
|
|
adeaf8 |
goto cleanup;
|
|
|
adeaf8 |
if (!(groupname = virGetGroupName(gid)))
|
|
|
adeaf8 |
goto cleanup;
|
|
|
adeaf8 |
- if (virAsprintf(&userid, "%d", (int)gid) < 0)
|
|
|
adeaf8 |
+ if (virAsprintf(&groupid, "%d", (int)gid) < 0)
|
|
|
adeaf8 |
goto cleanup;
|
|
|
adeaf8 |
if (virAsprintf(&processid, "%llu",
|
|
|
adeaf8 |
(unsigned long long)pid) < 0)
|