rpms / libvirt

Clone
Source Code
GIT

Blame SOURCES/libvirt-virdevmapper-fix-stat-comparison-in-virDMSanitizepath.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-rhel c8-sig-altarch-stream-rhel c8-stream-rhel c8s-sig-hyperscale c8s-stream-rhel c9 c9-beta c9s-sig-hyperscale
  1.   3cf99237563e5321a3ac9d3c84963011b35201d5
  2.   SOURCES
  3.   libvirt-virdevmapper-fix-stat-comparison-in-virDMSanitizepath.patch
Blob History Raw
3cf992 
From 99e00695f1ab24e122e83087162a84b2bf2b81e2 Mon Sep 17 00:00:00 2001
3cf992 
Message-Id: <99e00695f1ab24e122e83087162a84b2bf2b81e2@dist-git>
3cf992 
From: Pavel Hrdina <phrdina@redhat.com>
3cf992 
Date: Mon, 8 Mar 2021 12:57:35 +0100
3cf992 
Subject: [PATCH] virdevmapper: fix stat comparison in virDMSanitizepath
3cf992 
MIME-Version: 1.0
3cf992 
Content-Type: text/plain; charset=UTF-8
3cf992 
Content-Transfer-Encoding: 8bit
3cf992
3cf992 
Introduced by commit <22494556542c676d1b9e7f1c1f2ea13ac17e1e3e> which
3cf992 
fixed a CVE.
3cf992
3cf992 
If the @path passed to virDMSanitizepath() is not a DM name or not a
3cf992 
path to DM name this function could return incorrect sanitized path as
3cf992 
it would always be the first device under /dev/mapper/.
3cf992
3cf992 
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
3cf992 
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
3cf992 
(cherry picked from commit f711fa9ad09f68ea7f0bcaf999fab9c06dc6a93e)
3cf992
3cf992 
Conflicts:
3cf992 
- src/util/virdevmapper.c: Context, the downstream has
3cf992 
  VIR_STEAL_PTR() while the cherry picked commit uses
3cf992 
  g_steal_pointer() already.
3cf992
3cf992 
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1933557
3cf992 
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
3cf992 
Message-Id: <a09ac0ef47d828fe4fd2683f6fbc94fbc76a5944.1615203117.git.mprivozn@redhat.com>
3cf992 
Reviewed-by: Ján Tomko <jtomko@redhat.com>
3cf992 
---
3cf992 
 src/util/virdevmapper.c | 2 +-
3cf992 
 1 file changed, 1 insertion(+), 1 deletion(-)
3cf992
3cf992 
diff --git a/src/util/virdevmapper.c b/src/util/virdevmapper.c
3cf992 
index a04d9650a6..4994b4caef 100644
3cf992 
--- a/src/util/virdevmapper.c
3cf992 
+++ b/src/util/virdevmapper.c
3cf992 
@@ -219,7 +219,7 @@ virDMSanitizepath(const char *path)
3cf992 
             return NULL;
3cf992
3cf992 
         if (stat(tmp, &sb[1]) == 0 &&
3cf992 
-            sb[0].st_rdev == sb[0].st_rdev) {
3cf992 
+            sb[0].st_rdev == sb[1].st_rdev) {
3cf992 
             VIR_STEAL_PTR(ret, tmp);
3cf992 
             break;
3cf992 
         }
3cf992 
--
3cf992 
2.31.0
3cf992

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation