From nobody Tue Jan 21 04:16:26 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1736863599610513.8034034182454; Tue, 14 Jan 2025 06:06:39 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 996) id DBC3F17BB; Tue, 14 Jan 2025 09:06:38 -0500 (EST) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id D34651730; Tue, 14 Jan 2025 09:06:24 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 996) id 4B91D1709; Tue, 14 Jan 2025 09:06:22 -0500 (EST) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 028D8164F for ; Tue, 14 Jan 2025 09:06:20 -0500 (EST) Received: from mx-prod-mc-02.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-44-nkldnkNtM4-YBlcjj7gPOg-1; Tue, 14 Jan 2025 09:06:19 -0500 Received: from mx-prod-int-04.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-04.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.40]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 79A2D1955D84 for ; Tue, 14 Jan 2025 14:06:18 +0000 (UTC) Received: from ajulis-thinkpadt14gen4.remote.csb (unknown [10.43.2.183]) by mx-prod-int-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id BD32119560AD for ; Tue, 14 Jan 2025 14:06:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1736863580; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Ap92PPgCYmNPV4d4lIc1GXIRpBf/4MNBRUHymjRr6IM=; b=ip8KCo6d2cyOw07O13NtQK0zCwq5vI1GFxQFUANWZJ7UQRbYvRyAvlJ43KDNDLjj52NjaI AmYiEXxsaFQaV5ESmQHripHFR472W4eaJlirMyLoRPtqC6ft4JLjE662wuNTgpzR1m/rHn 1e7UuMMwQVYDSWJW5UlXAl8NpWcdRXE= X-MC-Unique: nkldnkNtM4-YBlcjj7gPOg-1 X-Mimecast-MFC-AGG-ID: nkldnkNtM4-YBlcjj7gPOg From: Adam Julis To: devel@lists.libvirt.org Subject: [PATCH] secret: Check length of value in secret object Date: Tue, 14 Jan 2025 15:06:09 +0100 Message-ID: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.40 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: 0B4OOrcOB7zk-1apSCqKttJyfCKY2LOOZHLHXupXDVs_1736863578 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: DRHWGV5XZFZPUBY2CVU6MT7G225RWKYN X-Message-ID-Hash: DRHWGV5XZFZPUBY2CVU6MT7G225RWKYN X-MailFrom: ajulis@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1736863601160019000 Content-Type: text/plain; charset="utf-8"; x-default="true" Ensure that the value in the secret object is validated not only for NULL but also for its size. An empty value may not always be NULL, if it has been manually deleted from the .base64 file. Signed-off-by: Adam Julis --- src/conf/virsecretobj.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/conf/virsecretobj.c b/src/conf/virsecretobj.c index 455798d414..3cb1ec2b4b 100644 --- a/src/conf/virsecretobj.c +++ b/src/conf/virsecretobj.c @@ -719,7 +719,7 @@ virSecretObjGetValue(virSecretObj *obj) virSecretDef *def =3D obj->def; unsigned char *ret =3D NULL; =20 - if (!obj->value) { + if (!obj->value || (obj->value_size < 1 )) { char uuidstr[VIR_UUID_STRING_BUFLEN]; virUUIDFormat(def->uuid, uuidstr); virReportError(VIR_ERR_NO_SECRET, --=20 2.47.1