From nobody Thu May 16 14:44:18 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1534149878223705.1622813992494;
 Mon, 13 Aug 2018 01:44:38 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com
 [10.5.11.23])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 1A41DC057F82;
	Mon, 13 Aug 2018 08:44:35 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 198AB194BC;
	Mon, 13 Aug 2018 08:44:34 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0DBD418037ED;
	Mon, 13 Aug 2018 08:44:32 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
	[10.11.54.4])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id w7D8iVCw031911 for <libvir-list@listman.util.phx.redhat.com>;
	Mon, 13 Aug 2018 04:44:31 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id E5FAE2026D76; Mon, 13 Aug 2018 08:44:30 +0000 (UTC)
Received: from localhost.localdomain (ovpn-204-61.brq.redhat.com
	[10.40.204.61])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 689072026D66
	for <libvir-list@redhat.com>; Mon, 13 Aug 2018 08:44:30 +0000 (UTC)
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Mon, 13 Aug 2018 10:44:20 +0200
Message-Id: 
 <e78549665ba4ce6cc2f999ac16b64a70d6ef3bb8.1534149729.git.mprivozn@redhat.com>
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH] storage: Properly terminate secrets
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]);
 Mon, 13 Aug 2018 08:44:35 +0000 (UTC)
X-ZohoMail: RDMRC_0  RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

The virSecretGetSecretString() helper looks up a secret for given
pool and returns its value in @secret_value and its length in
@secret_value_size. However, the trailing '\0' is not included in
either of the variables. This is because usually the value of the
secret is passed to some encoder (usually base64 encoder) where
the trailing zero must not be accounted for.

However, in two places we actually want the string as we don't
process is any further.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: J=EF=BF=BDn Tomko <jtomko@redhat.com>
---

I wonder if putting this realloc into virSecretGetSecretString() would
be a better fix or not. I mean, without changing @secret_size. Opinions?

 src/storage/storage_backend_iscsi.c        | 5 +++++
 src/storage/storage_backend_iscsi_direct.c | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/src/storage/storage_backend_iscsi.c b/src/storage/storage_back=
end_iscsi.c
index 6242cd0fac..55fe47f5e1 100644
--- a/src/storage/storage_backend_iscsi.c
+++ b/src/storage/storage_backend_iscsi.c
@@ -303,6 +303,11 @@ virStorageBackendISCSISetAuth(const char *portal,
                                  &secret_value, &secret_size) < 0)
         goto cleanup;
=20
+    if (VIR_REALLOC_N(secret_value, secret_size + 1) < 0)
+        goto cleanup;
+
+    secret_value[secret_size] =3D '\0';
+
     if (virISCSINodeUpdate(portal,
                            source->devices[0].path,
                            "node.session.auth.authmethod",
diff --git a/src/storage/storage_backend_iscsi_direct.c b/src/storage/stora=
ge_backend_iscsi_direct.c
index 1624066e9c..0d7d6ba9c3 100644
--- a/src/storage/storage_backend_iscsi_direct.c
+++ b/src/storage/storage_backend_iscsi_direct.c
@@ -115,6 +115,11 @@ virStorageBackendISCSIDirectSetAuth(struct iscsi_conte=
xt *iscsi,
                                  &secret_value, &secret_size) < 0)
         goto cleanup;
=20
+    if (VIR_REALLOC_N(secret_value, secret_size + 1) < 0)
+        goto cleanup;
+
+    secret_value[secret_size] =3D '\0';
+
     if (iscsi_set_initiator_username_pwd(iscsi,
                                          authdef->username,
                                          (const char *)secret_value) < 0) {
--=20
2.16.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list