From nobody Sat Feb 7 17:02:50 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1725893220946400.10587604393515; Mon, 9 Sep 2024 07:47:00 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id DBCE8B47; Mon, 9 Sep 2024 10:46:59 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 53A381907; Mon, 9 Sep 2024 10:46:23 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 7DCF917D5; Mon, 9 Sep 2024 10:46:18 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 2B34E1717 for ; Mon, 9 Sep 2024 10:46:17 -0400 (EDT) Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-677-DhFdJAwUOXmIgu-WRE5K2w-1; Mon, 09 Sep 2024 10:46:15 -0400 Received: from mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id C35E219541A8 for ; Mon, 9 Sep 2024 14:46:14 +0000 (UTC) Received: from speedmetal.redhat.com (unknown [10.45.242.7]) by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id F3CC01956096 for ; Mon, 9 Sep 2024 14:46:13 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1725893176; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=a48QgDOs745y3eD+NITOEbGuZjkVkHkZr9SPhwTHHNQ=; b=UvIDEl0fdc6ux0rmWfY7gL6TbGgM7LhoDaKf2caESutKlUj0VgMJ5yD+XTRgHnK6fRsbnL LYevIuYMqn2DkEkjwCae+R/2aalRxW4Un3Frg+ROmBQYYXs76yA1Ti1y6vyq+j717H5Sts yl6UmMV/GC9hDkuayrQrqSWZe548xI4= X-MC-Unique: DhFdJAwUOXmIgu-WRE5K2w-1 From: Peter Krempa To: devel@lists.libvirt.org Subject: [PATCH 1/9] virDomainDefParseBootInitOptions: Don't leak 'name' on failure Date: Mon, 9 Sep 2024 16:46:02 +0200 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: 6JABDVNQ5PT5VOS4EUG64DNMJP6Y7RW7 X-Message-ID-Hash: 6JABDVNQ5PT5VOS4EUG64DNMJP6Y7RW7 X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1725893222240116600 Content-Type: text/plain; charset="utf-8" One of the failure paths skips code which would assign the string from the temporary variable to the parsed struct, thus leaking it on failure. Closes: https://gitlab.com/libvirt/libvirt/-/issues/672 Signed-off-by: Peter Krempa --- src/conf/domain_conf.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index a263612ef7..d72870d87d 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -17518,7 +17518,6 @@ static int virDomainDefParseBootInitOptions(virDomainDef *def, xmlXPathContextPtr ctxt) { - char *name =3D NULL; size_t i; int n; g_autofree xmlNodePtr *nodes =3D NULL; @@ -17550,6 +17549,8 @@ virDomainDefParseBootInitOptions(virDomainDef *def, def->os.initenv =3D g_new0(virDomainOSEnv *, n + 1); for (i =3D 0; i < n; i++) { + g_autofree char *name =3D NULL; + if (!(name =3D virXMLPropString(nodes[i], "name"))) { virReportError(VIR_ERR_XML_ERROR, "%s", _("No name supplied for element")); @@ -17565,7 +17566,7 @@ virDomainDefParseBootInitOptions(virDomainDef *def, } def->os.initenv[i] =3D g_new0(virDomainOSEnv, 1); - def->os.initenv[i]->name =3D name; + def->os.initenv[i]->name =3D g_steal_pointer(&name); def->os.initenv[i]->value =3D g_strdup((const char *)nodes[i]->chi= ldren->content); } def->os.initenv[n] =3D NULL; --=20 2.46.0 From nobody Sat Feb 7 17:02:50 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1725893248246842.9690268342491; Mon, 9 Sep 2024 07:47:28 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 3C2A61824; Mon, 9 Sep 2024 10:47:27 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 0FD351957; Mon, 9 Sep 2024 10:46:25 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 20F4C17D5; Mon, 9 Sep 2024 10:46:19 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id A72601717 for ; Mon, 9 Sep 2024 10:46:18 -0400 (EDT) Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-340-cTiSxweNNQGfccpsZ77S5w-1; Mon, 09 Sep 2024 10:46:17 -0400 Received: from mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 2AA721954233 for ; Mon, 9 Sep 2024 14:46:16 +0000 (UTC) Received: from speedmetal.redhat.com (unknown [10.45.242.7]) by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 4AE8E1956086 for ; Mon, 9 Sep 2024 14:46:15 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1725893178; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=OS6oqCWUPnrydj/+PT2OXjK7dtQ5BtgFjs4rENEmFJ8=; b=C4Sj5uCX29bjKuCW3HqfYymkX/le1hOR7bq77bx5bXQ54z/IeDgEmIWFwD9IpauX+Ao29t 1wkWXRwSfIiXEqywR45TV5Oiho/DaIx/uZ0gWqdOSFWj+BUiImQ69NN5Gjvv1agNktachT ljflB29i9DT3lOYPg2MmTamqHiwhwyY= X-MC-Unique: cTiSxweNNQGfccpsZ77S5w-1 From: Peter Krempa To: devel@lists.libvirt.org Subject: [PATCH 2/9] virBitmapShrink: Do not attempt to clear bits beyond end of buffer Date: Mon, 9 Sep 2024 16:46:03 +0200 Message-ID: <051f2c2e6a6f12c31f76245424b3522717c9ba12.1725893134.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: P3TFEGVCEUK3SLZB2T74GY6GZKR2YFF5 X-Message-ID-Hash: P3TFEGVCEUK3SLZB2T74GY6GZKR2YFF5 X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1725893250389116600 Content-Type: text/plain; charset="utf-8" 'virBitmapShrink' clears the bits beyond the end of the bitmap when shrinking and then reallocates to match the new size. As it uses the address of the first bit beyond the bitmap do do the clearing it can overrun the allocated buffer if we're no actually going to shrink it and the last bit's address is on the chunk boundary. Fix it by returning in that corner case and add few more tests to be sure. Closes: https://gitlab.com/libvirt/libvirt/-/issues/673 Fixes: d6e582da80d Signed-off-by: Peter Krempa --- src/util/virbitmap.c | 6 ++++++ tests/virbitmaptest.c | 39 +++++++++++++++++++++++++++++++++------ 2 files changed, 39 insertions(+), 6 deletions(-) diff --git a/src/util/virbitmap.c b/src/util/virbitmap.c index 775bbf1532..b8d0352bb1 100644 --- a/src/util/virbitmap.c +++ b/src/util/virbitmap.c @@ -1183,6 +1183,12 @@ virBitmapShrink(virBitmap *map, nl =3D map->nbits / VIR_BITMAP_BITS_PER_UNIT; nb =3D map->nbits % VIR_BITMAP_BITS_PER_UNIT; + + /* If we're at the end of the allocation the attempt to clear 'map->nb= it' + * and further would be beyond the end of the bitmap */ + if (nl >=3D map->map_alloc) + return; + map->map[nl] &=3D ((1UL << nb) - 1); toremove =3D map->map_alloc - (nl + 1); diff --git a/tests/virbitmaptest.c b/tests/virbitmaptest.c index adc956ca3d..27b6c13114 100644 --- a/tests/virbitmaptest.c +++ b/tests/virbitmaptest.c @@ -577,18 +577,45 @@ test12b(const void *opaque G_GNUC_UNUSED) { g_autoptr(virBitmap) map =3D NULL; - if (!(map =3D virBitmapParseUnlimited("34,1023"))) + if (!(map =3D virBitmapParseUnlimited("31,32,63,64,1023"))) return -1; - if (checkBitmap(map, "34,1023", 1024) < 0) + if (checkBitmap(map, "31-32,63-64,1023", 1024) < 0) return -1; - virBitmapShrink(map, 35); - if (checkBitmap(map, "34", 35) < 0) + /* no shrink at full alloc */ + virBitmapShrink(map, 1025); + if (checkBitmap(map, "31-32,63-64,1023", 1024) < 0) return -1; - virBitmapShrink(map, 34); - if (checkBitmap(map, "", 34) < 0) + /* shrink at the end */ + virBitmapShrink(map, 1023); + if (checkBitmap(map, "31-32,63-64", 1023) < 0) + return -1; + + /* extend back to see whether tail was cleared */ + virBitmapSetBitExpand(map, 1022); + if (checkBitmap(map, "31-32,63-64,1022", 1023) < 0) + return -1; + + virBitmapShrink(map, 64); + if (checkBitmap(map, "31-32,63", 64) < 0) + return -1; + + virBitmapShrink(map, 65); + if (checkBitmap(map, "31-32,63", 64) < 0) + return -1; + + virBitmapShrink(map, 63); + if (checkBitmap(map, "31-32", 63) < 0) + return -1; + + virBitmapShrink(map, 32); + if (checkBitmap(map, "31", 32) < 0) + return -1; + + virBitmapShrink(map, 31); + if (checkBitmap(map, "", 31) < 0) return -1; return 0; --=20 2.46.0 From nobody Sat Feb 7 17:02:50 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1725893263956158.48441798446788; Mon, 9 Sep 2024 07:47:43 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id E3472196A; Mon, 9 Sep 2024 10:47:42 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id CC07B1970; Mon, 9 Sep 2024 10:46:27 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 427C117D2; Mon, 9 Sep 2024 10:46:20 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id C593517D2 for ; Mon, 9 Sep 2024 10:46:19 -0400 (EDT) Received: from mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-489-g6Bwcb9dO3Wdl_J15YENWw-1; Mon, 09 Sep 2024 10:46:18 -0400 Received: from mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 664261955F45 for ; Mon, 9 Sep 2024 14:46:17 +0000 (UTC) Received: from speedmetal.redhat.com (unknown [10.45.242.7]) by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 95245195608A for ; Mon, 9 Sep 2024 14:46:16 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1725893179; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=P5Ud36nXPy8D4Eg+g92uIyeyIfbBjJ/BaAD8sGb33sM=; b=HIkZTkebMvZJR+p0/TtvQhJRJAb8uAQa0NVSe6kkXlBzjhcLlz+9iXlZqjoB7R/ocMD8AL FxYuPfsLM+InnQCfN2Mko7aNcz3dkQVSckOyMRzVwpuJLTwQrdiP3nbSfQ5SoT3gcScm/P FJMojOXmY0pYb13et0Ca1tSsfDiEmms= X-MC-Unique: g6Bwcb9dO3Wdl_J15YENWw-1 From: Peter Krempa To: devel@lists.libvirt.org Subject: [PATCH 3/9] virDomainFeaturesHyperVDefParse: Don't overwrite hypervisor vendor_id Date: Mon, 9 Sep 2024 16:46:04 +0200 Message-ID: <0c67a39ea1dfe9bbcc50f5cc53818c99e96fcb9b.1725893134.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: L3VZICSK6P6Z5K3RJR5MEXJMQ6K6HQDX X-Message-ID-Hash: L3VZICSK6P6Z5K3RJR5MEXJMQ6K6HQDX X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1725893264515116600 Content-Type: text/plain; charset="utf-8" In case when the user specifies the '' feature multiple times we could overwrite already parsed data. Clear it beforehand. As before this isn't trying to address the case of features being specified multiple times not making much sense. Closes: https://gitlab.com/libvirt/libvirt/-/issues/675 Signed-off-by: Peter Krempa --- src/conf/domain_conf.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index d72870d87d..e31b674bc2 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -16621,6 +16621,8 @@ virDomainFeaturesHyperVDefParse(virDomainDef *def, if (value !=3D VIR_TRISTATE_SWITCH_ON) break; + g_clear_pointer(&def->hyperv_vendor_id, g_free); + if (!(def->hyperv_vendor_id =3D virXMLPropString(node, "value"= ))) { virReportError(VIR_ERR_XML_ERROR, "%s", _("missing 'value' attribute for HyperV fea= ture 'vendor_id'")); --=20 2.46.0 From nobody Sat Feb 7 17:02:50 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1725893279366332.98776858886333; Mon, 9 Sep 2024 07:47:59 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 4BC1A185F; Mon, 9 Sep 2024 10:47:58 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 93E2B186D; Mon, 9 Sep 2024 10:46:29 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 196AD18A5; Mon, 9 Sep 2024 10:46:22 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 64EEB1717 for ; Mon, 9 Sep 2024 10:46:21 -0400 (EDT) Received: from mx-prod-mc-02.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-554-AYnVxl6COqWfrHjJYVDPFA-1; Mon, 09 Sep 2024 10:46:19 -0400 Received: from mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id E311E1945114 for ; Mon, 9 Sep 2024 14:46:18 +0000 (UTC) Received: from speedmetal.redhat.com (unknown [10.45.242.7]) by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id F2B92195608A for ; Mon, 9 Sep 2024 14:46:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1725893181; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=3gXiWYVaGaMRNmlcuky54bLlmJiMFfObcBaSjYqaJkg=; b=XOnq+9jppCr5UN+ZtjqGbbZEQCWkE6kTkKxQeuY3War8zSX73tb/nBX0em77+9MHp8fQNS J/Ayk4Yqr5e4VqGi0N8OZ13nX/sbPy1/WHhHB6HFub2mafvP/3mKwvVPkTVj+mdwHkVsST qH/nnmEZ3rft8Rd2wGWbUlOQMLZWMpQ= X-MC-Unique: AYnVxl6COqWfrHjJYVDPFA-1 From: Peter Krempa To: devel@lists.libvirt.org Subject: [PATCH 4/9] virDomainFeaturesTCGDefParse: Don't leak 'tcg_features' when '' feature is repeated Date: Mon, 9 Sep 2024 16:46:05 +0200 Message-ID: <5c403268879581b7e42d0535ed6bac7d6858a275.1725893134.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: W5MEWJHUDTAOGSWM7PLDQENFX2N7HRME X-Message-ID-Hash: W5MEWJHUDTAOGSWM7PLDQENFX2N7HRME X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1725893280516116600 Content-Type: text/plain; charset="utf-8" Similarly to other cases users may specify the feature flag multiple times. Signed-off-by: Peter Krempa --- src/conf/domain_conf.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index e31b674bc2..0f0488f3a2 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -16807,21 +16807,25 @@ virDomainFeaturesTCGDefParse(virDomainDef *def, xmlXPathContextPtr ctxt, xmlNodePtr node) { - g_autofree virDomainFeatureTCG *tcg =3D NULL; + unsigned long long tb_cache; VIR_XPATH_NODE_AUTORESTORE(ctxt); - tcg =3D g_new0(virDomainFeatureTCG, 1); ctxt->node =3D node; if (virDomainParseMemory("./tb-cache", "./tb-cache/@unit", - ctxt, &tcg->tb_cache, false, false) < 0) + ctxt, &tb_cache, false, false) < 0) return -1; - if (tcg->tb_cache =3D=3D 0) + if (tb_cache =3D=3D 0) return 0; + if (!def->tcg_features) + def->tcg_features =3D g_new0(virDomainFeatureTCG, 1); + + def->tcg_features->tb_cache =3D tb_cache; + + def->features[VIR_DOMAIN_FEATURE_TCG] =3D VIR_TRISTATE_SWITCH_ON; - def->tcg_features =3D g_steal_pointer(&tcg); return 0; } --=20 2.46.0 From nobody Sat Feb 7 17:02:50 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1725893311212479.55019567805334; Mon, 9 Sep 2024 07:48:31 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 231761920; Mon, 9 Sep 2024 10:48:30 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 86A43194E; Mon, 9 Sep 2024 10:46:42 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id B6E741897; Mon, 9 Sep 2024 10:46:36 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 8519A182B for ; Mon, 9 Sep 2024 10:46:24 -0400 (EDT) Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-315-faXasFQvNNCVsy1XaZlbIw-1; Mon, 09 Sep 2024 10:46:22 -0400 Received: from mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 35DC619541A1 for ; Mon, 9 Sep 2024 14:46:20 +0000 (UTC) Received: from speedmetal.redhat.com (unknown [10.45.242.7]) by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 637CF195608A for ; Mon, 9 Sep 2024 14:46:19 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1725893184; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=8OpktioIrizRPAaN9DMOuVSWbmVuSZK6Zb1CDuPq52k=; b=gdgN/j5udWmnKdA+jbG7DkQC/RGz7bizGSlDSoRwbo2yjPUPX/+fDYcxZcyncjPWk46Bu1 9qU2pK2Ds1POZVd+Of1oN9aqDLuTQfjToqA9od3U4OvSk38mQfesLFt+7ujsX+xujMnC2A NhHlyG1z/L2dPM0LHKHCv7gtqa8wV0w= X-MC-Unique: faXasFQvNNCVsy1XaZlbIw-1 From: Peter Krempa To: devel@lists.libvirt.org Subject: [PATCH 5/9] virDomainFeaturesDefParse: Add comment warning about features being specified repeatedly Date: Mon, 9 Sep 2024 16:46:06 +0200 Message-ID: <7d5ee2eb3b5aa42c284fc30a25d2793ad71c0494.1725893134.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: BAY6WTHXCNRLNCOMNBMIXC47C3V2D2ZQ X-Message-ID-Hash: BAY6WTHXCNRLNCOMNBMIXC47C3V2D2ZQ X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1725893312700116600 Content-Type: text/plain; charset="utf-8" Few of the handlers didn't take that possibility into account. Warn others. Signed-off-by: Peter Krempa --- src/conf/domain_conf.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 0f0488f3a2..cf4b1b2aef 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -16849,6 +16849,8 @@ virDomainFeaturesDefParse(virDomainDef *def, return -1; } + /* Beware that users can specify the given feature multiple times,= so + * the parser must be able to handle that */ switch ((virDomainFeature) val) { case VIR_DOMAIN_FEATURE_ACPI: case VIR_DOMAIN_FEATURE_PAE: --=20 2.46.0 From nobody Sat Feb 7 17:02:50 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1725893295620842.3823016244286; Mon, 9 Sep 2024 07:48:15 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 8A40C196B; Mon, 9 Sep 2024 10:48:14 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 5D16E17E7; Mon, 9 Sep 2024 10:46:40 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id EC400196A; Mon, 9 Sep 2024 10:46:35 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id D6D621930 for ; Mon, 9 Sep 2024 10:46:23 -0400 (EDT) Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-596-tmrtVza-MV6JjMlqKcpdrA-1; Mon, 09 Sep 2024 10:46:22 -0400 Received: from mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 8F70E193E8DA for ; Mon, 9 Sep 2024 14:46:21 +0000 (UTC) Received: from speedmetal.redhat.com (unknown [10.45.242.7]) by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id BB56C195608A for ; Mon, 9 Sep 2024 14:46:20 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1725893183; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=QRUgvQgkjdktZ0TSpGtfCbZz75jNYmLDnXwMqWJSndw=; b=ItAkY64OkUHSoRm6U9zGGeA7zs1KNWNrFvW6Da4ARng4zlaSXUhJO9j4GtyA2U1Cd0t1dZ Q/Bxy+YbC84jYF/D9SF+SMF40LjhJmImmYgVrPuU/pZphEkkSeN2OWoFw9UKsZ7drxZ8My JanUKtVOMkNWsf5ppAUvMnuTCZ2n7/w= X-MC-Unique: tmrtVza-MV6JjMlqKcpdrA-1 From: Peter Krempa To: devel@lists.libvirt.org Subject: [PATCH 6/9] internal: Add helper macro for checking multiply and add overflows Date: Mon, 9 Sep 2024 16:46:07 +0200 Message-ID: <7b1a1290db11e5f99f31ae5ff70c534aacd63d4d.1725893134.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: IEH4RVHQ5S4LBCW3S5OILI5MHME32O7C X-Message-ID-Hash: IEH4RVHQ5S4LBCW3S5OILI5MHME32O7C X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1725893296609116600 Content-Type: text/plain; charset="utf-8" The macro does the two checks together so that it's obvious what we're checking as doing it in place is really unpleasant. Signed-off-by: Peter Krempa --- src/internal.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/internal.h b/src/internal.h index 01860efad9..20aa9b1d41 100644 --- a/src/internal.h +++ b/src/internal.h @@ -43,6 +43,17 @@ #define VIR_INT_MULTIPLY_OVERFLOW(a,b) (G_UNLIKELY ((b) > 0 && (a) > G_MAX= INT / (b))) +/** + * VIR_MULTIPLY_ADD_IS_OVERFLOW: + * @limit: maximum value of data type + * @value: current value + * @multiply: number @value is going to be multiplied by + * @add: number that will be added to @value after multiplication + */ +#define VIR_MULTIPLY_ADD_IS_OVERFLOW(limit, value, multiply, add) \ + (G_UNLIKELY(((multiply) > 0 && (value) > (limit) / (multiply)) || \ + ((limit) - ((value) * (multiply)) < (add)))) + /* The library itself is allowed to use deprecated functions / * variables, so effectively undefine the deprecated attribute * which would otherwise be defined in libvirt.h. --=20 2.46.0 From nobody Sat Feb 7 17:02:50 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1725893327350723.1517475195382; Mon, 9 Sep 2024 07:48:47 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 5279E19A5; Mon, 9 Sep 2024 10:48:46 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id A566F1979; Mon, 9 Sep 2024 10:46:44 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 7B1B7186F; Mon, 9 Sep 2024 10:46:37 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 403FA186F for ; Mon, 9 Sep 2024 10:46:25 -0400 (EDT) Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-661-f7zxvUpYN76gthlvQnjAag-1; Mon, 09 Sep 2024 10:46:23 -0400 Received: from mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id E77EB195608C for ; Mon, 9 Sep 2024 14:46:22 +0000 (UTC) Received: from speedmetal.redhat.com (unknown [10.45.242.7]) by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 1F55D195608A for ; Mon, 9 Sep 2024 14:46:21 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1725893184; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=CmjN7Yk2T0TzRKdQye8kRX7GAx8su49hH+ISV8zneg0=; b=WM2Ssltwrh9JTUMQnGlK7fzHpShCA4r7VW+5sqSyDytNuehRDA+1fqtuJRGMr3dxiurVAs WoiNrDlHng3cw4hC3ekMS23nc7f+0083aApl7i5LINF6S+8lHmC7O872zcPFcTy4VXamJZ raUR1BZR5dea/KvQEvDUQ5nz4X3q394= X-MC-Unique: f7zxvUpYN76gthlvQnjAag-1 From: Peter Krempa To: devel@lists.libvirt.org Subject: [PATCH 7/9] virconf: Properly fix numeric overflow when parsing numbers in conf files Date: Mon, 9 Sep 2024 16:46:08 +0200 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: WIEUWDCAILAJW446KHJUXCWJ5WLPMNMD X-Message-ID-Hash: WIEUWDCAILAJW446KHJUXCWJ5WLPMNMD X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1725893328845116600 Content-Type: text/plain; charset="utf-8" The previous fix didn't check the overflow in addition. Use the new macro to check both multiplication and addition overflows. Fixes: 8666523b7d0891c38a7c9c138c4cc318eddfefeb Closes: https://gitlab.com/libvirt/libvirt/-/issues/671 Signed-off-by: Peter Krempa --- src/util/virconf.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/util/virconf.c b/src/util/virconf.c index da07af178d..66b3e0482e 100644 --- a/src/util/virconf.c +++ b/src/util/virconf.c @@ -347,13 +347,15 @@ virConfParseLong(virConfParserCtxt *ctxt, long long *= val) return -1; } while ((ctxt->cur < ctxt->end) && (g_ascii_isdigit(CUR))) { - if (l > LLONG_MAX / 10) { + long long c =3D (CUR - '0'); + + if (VIR_MULTIPLY_ADD_IS_OVERFLOW(LLONG_MAX, l, 10, c)) { virConfError(ctxt, VIR_ERR_OVERFLOW, _("numeric overflow in conf value")); return -1; } - l =3D l * 10 + (CUR - '0'); + l =3D l * 10 + c; NEXT; } if (neg) --=20 2.46.0 From nobody Sat Feb 7 17:02:50 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1725893344137990.1397082923322; Mon, 9 Sep 2024 07:49:04 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id DB9CE1806; Mon, 9 Sep 2024 10:49:02 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 441D4199F; Mon, 9 Sep 2024 10:46:46 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 099F7191E; Mon, 9 Sep 2024 10:46:38 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id C63CF1931 for ; Mon, 9 Sep 2024 10:46:26 -0400 (EDT) Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-652-4upFFE7PNGmTYD3UZx14mA-1; Mon, 09 Sep 2024 10:46:25 -0400 Received: from mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 4D34B1955DC3 for ; Mon, 9 Sep 2024 14:46:24 +0000 (UTC) Received: from speedmetal.redhat.com (unknown [10.45.242.7]) by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 759A21956086 for ; Mon, 9 Sep 2024 14:46:23 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1725893186; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=337V5Pi519r+Aob2dHQqmXh+Hu5FeW/OjtAhe2qUiCY=; b=cb8oiOMlEf49eX8YqJSc3TIerZNAXF9v88V2/b3wSowRmYGwkYUAm8UIdA1ML7y/uEEJPL n9+G4J/W5NyFUq5FMFQwoufpjTNRoyKo//me2c/+HqwT6Ul9IgNyMZ8tHMs4B9nl6vj4bj 7d8G3/3blIQRmqDywEM0lCWanD16Tt0= X-MC-Unique: 4upFFE7PNGmTYD3UZx14mA-1 From: Peter Krempa To: devel@lists.libvirt.org Subject: [PATCH 8/9] virDiskNameParse: Fix integer overflow in disk name parsing Date: Mon, 9 Sep 2024 16:46:09 +0200 Message-ID: <8334351171790e63d6b62ef559fc99106e7a5cea.1725893134.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: 5NILUAAF4FC4AN6PMDRHAB33F6KOIK22 X-Message-ID-Hash: 5NILUAAF4FC4AN6PMDRHAB33F6KOIK22 X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1725893344855116600 Content-Type: text/plain; charset="utf-8" The conversion to index entails multiplication and accumulation by user provided data which can easily overflow use VIR_MULTIPLY_ADD_IS_OVERFLOW to check if the string is valid. Closes: https://gitlab.com/libvirt/libvirt/-/issues/674 Signed-off-by: Peter Krempa --- src/util/virutil.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/util/virutil.c b/src/util/virutil.c index dc5009f11d..6c89a48e51 100644 --- a/src/util/virutil.c +++ b/src/util/virutil.c @@ -338,11 +338,17 @@ int virDiskNameParse(const char *name, int *disk, int= *partition) return -1; for (i =3D 0; *ptr; i++) { + int c =3D *ptr - 'a'; + if (!g_ascii_islower(*ptr)) break; - idx =3D (idx + (i < 1 ? 0 : 1)) * 26; - idx +=3D *ptr - 'a'; + idx =3D (idx + (i < 1 ? 0 : 1)); + + if (VIR_MULTIPLY_ADD_IS_OVERFLOW(INT_MAX, idx, 26, c)) + return -1; + + idx =3D idx * 26 + c; ptr++; } --=20 2.46.0 From nobody Sat Feb 7 17:02:50 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1725893366114520.3790512086365; Mon, 9 Sep 2024 07:49:26 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 1BE56187F; Mon, 9 Sep 2024 10:49:25 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 198EC1961; Mon, 9 Sep 2024 10:46:48 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 457B118D0; Mon, 9 Sep 2024 10:46:41 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id EECBC18D0 for ; Mon, 9 Sep 2024 10:46:27 -0400 (EDT) Received: from mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-655-mnOU0EsJMvSRUc4yrVVdTA-1; Mon, 09 Sep 2024 10:46:26 -0400 Received: from mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 9C2381977017 for ; Mon, 9 Sep 2024 14:46:25 +0000 (UTC) Received: from speedmetal.redhat.com (unknown [10.45.242.7]) by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id D43AF1956095 for ; Mon, 9 Sep 2024 14:46:24 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1725893187; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=X/nKKbDS0PTNXxV+4k4FlEOOEHm5h4+xmy1JXNGdQqg=; b=YgeMEtMfxUtH27buG4QgWQTqdpnUYYkvaSUzhXQKuoW+PawmKKwVihyzk+UlwcQWQ37WFA /tnFN67d2ZGyyAwpvJm5gZoulWmWiIkWY/WRWBCD18SododH0A9jEGT8OolEnPybewUt9g JeB0hUS+zTKs+EdmW1FEMJ7SPJsoqV8= X-MC-Unique: mnOU0EsJMvSRUc4yrVVdTA-1 From: Peter Krempa To: devel@lists.libvirt.org Subject: [PATCH 9/9] qemuxmlconfttest: Add test case for invalid disk target Date: Mon, 9 Sep 2024 16:46:10 +0200 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: E3SKS7LCMBN2BMUFKB3NDCLHX7MWV5TM X-Message-ID-Hash: E3SKS7LCMBN2BMUFKB3NDCLHX7MWV5TM X-MailFrom: pkrempa@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1725893367230116600 Content-Type: text/plain; charset="utf-8" Add a test case that the numeric overflow when parsing disk target is detected. Signed-off-by: Peter Krempa --- .../disk-target-overflow.x86_64-latest.err | 1 + .../qemuxmlconfdata/disk-target-overflow.xml | 29 +++++++++++++++++++ tests/qemuxmlconftest.c | 1 + 3 files changed, 31 insertions(+) create mode 100644 tests/qemuxmlconfdata/disk-target-overflow.x86_64-lates= t.err create mode 100644 tests/qemuxmlconfdata/disk-target-overflow.xml diff --git a/tests/qemuxmlconfdata/disk-target-overflow.x86_64-latest.err b= /tests/qemuxmlconfdata/disk-target-overflow.x86_64-latest.err new file mode 100644 index 0000000000..cae259fad7 --- /dev/null +++ b/tests/qemuxmlconfdata/disk-target-overflow.x86_64-latest.err @@ -0,0 +1 @@ +XML error: Unknown disk name 'hdaxxxxxxxxxx' and no address specified diff --git a/tests/qemuxmlconfdata/disk-target-overflow.xml b/tests/qemuxml= confdata/disk-target-overflow.xml new file mode 100644 index 0000000000..8c8a2ab843 --- /dev/null +++ b/tests/qemuxmlconfdata/disk-target-overflow.xml @@ -0,0 +1,29 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + + + + + + + + + + diff --git a/tests/qemuxmlconftest.c b/tests/qemuxmlconftest.c index 5497fb2ba1..323fd9d721 100644 --- a/tests/qemuxmlconftest.c +++ b/tests/qemuxmlconftest.c @@ -1622,6 +1622,7 @@ mymain(void) DO_TEST_CAPS_LATEST("controller-virtio-scsi"); DO_TEST_CAPS_LATEST("controller-scsi-auto"); DO_TEST_CAPS_LATEST("disk-sata-device"); + DO_TEST_CAPS_LATEST_PARSE_ERROR("disk-target-overflow"); DO_TEST_CAPS_LATEST("disk-aio"); DO_TEST_CAPS_LATEST("disk-aio-io_uring"); DO_TEST_CAPS_LATEST("disk-source-pool"); --=20 2.46.0