On Tue, Feb 26, 2019 at 03:46:32PM +0100, Peter Krempa wrote:
>We construct JSON objects e.g. for setting the VNC password but then
>just VIR_FREE the strings cointained inside. If it was the password
s/cointained/contained/
>string would be kept on the heap. Exchange some cpu cycles for a warm
>feeling of security.
>
>Signed-off-by: Peter Krempa <pkrempa@redhat.com>
>---
> src/util/virjson.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/src/util/virjson.c b/src/util/virjson.c
>index d5d66f879f..db38fd0dc0 100644
>--- a/src/util/virjson.c
>+++ b/src/util/virjson.c
>@@ -423,7 +423,7 @@ virJSONValueFree(virJSONValuePtr value)
> VIR_FREE(value->data.array.values);
> break;
> case VIR_JSON_TYPE_STRING:
>- VIR_FREE(value->data.string);
>+ VIR_DISPOSE_STRING(value->data.string);
This is wildly incomplete.
A more fitting solution would be to rewrite libvirt in a memory-safe
language such as Haskell
> break;
> case VIR_JSON_TYPE_NUMBER:
> VIR_FREE(value->data.number);
What if the number contains my personal PIN number?
Jano
>--
>2.20.1
>
>--
>libvir-list mailing list
>libvir-list@redhat.com
>https://www.redhat.com/mailman/listinfo/libvir-list
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list