From: Michal Privoznik
To: devel@lists.libvirt.org
Subject: [PATCH] tools: ssh-proxy: Check for domain status before parsing its CID
Date: Tue, 21 Jan 2025 12:46:53 +0100
Message-ID: <82bd2b21912e5b17516ca43d31563876b45be796.1737460013.git.mprivozn@redhat.com>
List-Id: Development discussions about the libvirt library & tools

Inactive domain XML can be wildly different to the live XML. For
instance, it can have VSOCK CID of that from another (running)
domain. Since domain status is not checked for, attempting to ssh
into an inactive domain may in fact result in opening a
connection to a different live domain that listens on said CID
currently.

Resolves: https://gitlab.com/libvirt/libvirt/-/issues/737
Resolves: https://issues.redhat.com/browse/RHEL-75577
Signed-off-by: Michal Privoznik
Reviewed-by: Jiri Denemark
---
 tools/ssh-proxy/ssh-proxy.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/tools/ssh-proxy/ssh-proxy.c b/tools/ssh-proxy/ssh-proxy.c index e60c58d57f..22daffeb63 100644 --- a/tools/ssh-proxy/ssh-proxy.c +++ b/tools/ssh-proxy/ssh-proxy.c @@ -194,7 +194,10 @@ lookupDomainAndFetchCID(const char *uri, if (virStrToLong_i(domname, NULL, 10, &id) >=3D 0) dom =3D virDomainLookupByID(conn, id); } - if (!dom) + + /* If no domain is found, return an error. Similarly, inactive domain = may + * contain CID of another (running) domain, yielding misleading result= s. */ + if (!dom || virDomainIsActive(dom) <=3D 0) return -1; =20 return extractCID(dom, cid); --=20 2.45.2
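
Review bot: In the new condition `if (!dom || virDomainIsActive(dom) <= 0)` in lookupDomainAndFetchCID(), three different outcomes (domain not found, domain inactive, and virDomainIsActive() itself failing with -1) all collapse into the same bare `return -1` with no message, so a user who tries to ssh into a shut-off guest cannot tell why the proxy refused. Consider splitting the check so the inactive case is reported explicitly and the -1 error path stays distinct from it. A second point on the same lines: the activity check and `extractCID(dom, cid)` are separate calls, so depending on how extractCID() fetches the XML, a domain that stops in between could still have its inactive definition parsed; if that window matters, re-check the state after the CID has been extracted. The added comment would also read better as "an inactive domain may contain the CID of another (running) domain".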