From: P J P
To: Qemu Developers
Cc: Riccardo Schirone, Daniel P. Berrangé, Jason Wang, Li Qiang, Prasad J Pandit
Date: Mon, 1 Jul 2019 14:39:02 +0530
Message-Id: <20190701090904.31312-2-ppandit@redhat.com>
In-Reply-To: <20190701090904.31312-1-ppandit@redhat.com>
Subject: [Qemu-devel] [PATCH v2 1/3] qemu-bridge-helper: restrict interface name to IFNAMSIZ

From: Prasad J Pandit

The interface names in qemu-bridge-helper are defined to be
of size IFNAMSIZ(=16), including the terminating null('\0') byte.
The same is applied to interface names read from 'bridge.conf'
file to form ACLs rules. If user supplied '--br=bridge' name
is not restricted to the same length, it could lead to ACL bypass
issue. Restrict interface name to IFNAMSIZ, including null byte.

Reported-by: Riccardo Schirone
Signed-off-by: Prasad J Pandit
---
 qemu-bridge-helper.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

Update v2: report an error and exit
  -> https://lists.gnu.org/archive/html/qemu-devel/2019-06/msg06239.html

diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c index f9940deefd..8ec0a65174 100644 --- a/qemu-bridge-helper.c +++ b/qemu-bridge-helper.c 
@@ -109,6 +109,13 @@ static int parse_acl_file(const char *filename, ACLLis= t *acl_list) } *argend =3D 0; =20 + if (strcmp(cmd, "include") && strlen(arg) >=3D IFNAMSIZ) { + fprintf(stderr, "name `%s' too long: %lu\n", arg, strlen(arg)); + fclose(f); + errno =3D EINVAL; + return -1; + } + if (strcmp(cmd, "deny") =3D=3D 0) { acl_rule =3D g_malloc(sizeof(*acl_rule)); if (strcmp(arg, "all") =3D=3D 0) { 
@@ -259,6 +266,10 @@ int main(int argc, char **argv) usage(); return EXIT_FAILURE; } + if (strlen(bridge) >=3D IFNAMSIZ) { + fprintf(stderr, "name `%s' too long: %lu\n", bridge, strlen(bridge= )); + return EXIT_FAILURE; + } =20 /* parse default acl file */ QSIMPLEQ_INIT(&acl_list); --=20 2.21.0
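Review bot: in the parse_acl_file hunk of patch 1/3, the new check exempts one command through `strcmp(cmd, "include") &&` without a comment saying why. Since the check sits ahead of the `strcmp(cmd, "deny")` dispatch it applies to every other command, so a one-line comment stating that the include argument is a file name rather than an interface name would make the exemption easy to audit when new commands are added.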
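Review bot: in the main() hunk of patch 1/3, `strlen(bridge)` is printed with `%lu`, but strlen() returns size_t, which is not unsigned long on every target. Use `%zu` here and in the matching fprintf added to parse_acl_file; the message would also be more useful if it named the limit, for example by printing IFNAMSIZ - 1 as the maximum length.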
From: P J P
To: Qemu Developers
Cc: Riccardo Schirone, Daniel P. Berrangé, Jason Wang, Li Qiang, Prasad J Pandit
Date: Mon, 1 Jul 2019 14:39:03 +0530
Message-Id: <20190701090904.31312-3-ppandit@redhat.com>
In-Reply-To: <20190701090904.31312-1-ppandit@redhat.com>
Subject: [Qemu-devel] [PATCH v2 2/3] qemu-bridge-helper: move repeating code in parse_acl_file

From: Prasad J Pandit

Move repeating error handling sequence in parse_acl_file routine
to an 'err' label.

Signed-off-by: Prasad J Pandit
Reviewed-by: Daniel P. Berrangé
---
 qemu-bridge-helper.c | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c index 8ec0a65174..da647de38f 100644 --- a/qemu-bridge-helper.c +++ b/qemu-bridge-helper.c 
@@ -92,9 +92,7 @@ static int parse_acl_file(const char *filename, ACLList *= acl_list) =20 if (arg =3D=3D NULL) { fprintf(stderr, "Invalid config line:\n %s\n", line); - fclose(f); - errno =3D EINVAL; - return -1; + goto err; } =20 *arg =3D 0; 
@@ -111,9 +109,7 @@ static int parse_acl_file(const char *filename, ACLList= *acl_list) =20 if (strcmp(cmd, "include") && strlen(arg) >=3D IFNAMSIZ) { fprintf(stderr, "name `%s' too long: %lu\n", arg, strlen(arg)); - fclose(f); - errno =3D EINVAL; - return -1; + goto err; } =20 if (strcmp(cmd, "deny") =3D=3D 0) { 
@@ -139,15 +135,17 @@ static int parse_acl_file(const char *filename, ACLLi= st *acl_list) parse_acl_file(arg, acl_list); } else { fprintf(stderr, "Unknown command `%s'\n", cmd); - fclose(f); - errno =3D EINVAL; - return -1; + goto err; } } =20 fclose(f); - return 0; + +err: + fclose(f); + errno =3D EINVAL; + return -1; } =20 static bool has_vnet_hdr(int fd) --=20 2.21.0
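Review bot: in the last hunk of patch 2/3, the tail of parse_acl_file now carries two `fclose(f);` calls, one on the success path and one under `err:`, so the cleanup is still duplicated and the two exits have to be kept in sync by hand. A single exit is less fragile: keep a local `ret` initialised to -1, set `ret = 0;` before the label, and let the label do the one `fclose(f)` and `return ret;`, setting errno only when ret is non-zero. The context line `parse_acl_file(arg, acl_list);` also shows that a failure in an included file is not propagated, which is worth handling now that there is a common error path to jump to.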
From: P J P
To: Qemu Developers
Cc: Riccardo Schirone, Daniel P. Berrangé, Jason Wang, Li Qiang, Prasad J Pandit
Date: Mon, 1 Jul 2019 14:39:04 +0530
Message-Id: <20190701090904.31312-4-ppandit@redhat.com>
In-Reply-To: <20190701090904.31312-1-ppandit@redhat.com>
Subject: [Qemu-devel] [PATCH v2 3/3] net: tap: restrict bridge name to IFNAMSIZ

From: Prasad J Pandit

The interface name in Linux interface request struct 'ifreq'
OR in qemu-bridge-helper is defined to be of size IFNAMSIZ(=16),
including the terminating null('\0') byte.

QEMU tap device, while invoking qemu-bridge-helper, supplies bridge
name of 16 characters, restrict it to IFNAMESIZ-1 to accommodate
terminating null('\0') byte.

Signed-off-by: Prasad J Pandit
---
 net/tap.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/tap.c b/net/tap.c index e8aadd8d4b..ca8536624c 100644 --- a/net/tap.c +++ b/net/tap.c 
@@ -499,7 +499,7 @@ static int net_bridge_run_helper(const char *helper, co= nst char *bridge, if (pid =3D=3D 0) { int open_max =3D sysconf(_SC_OPEN_MAX), i; char fd_buf[6+10]; - char br_buf[6+IFNAMSIZ] =3D {0}; + char br_buf[5+IFNAMSIZ] =3D {0}; char helper_cmd[PATH_MAX + sizeof(fd_buf) + sizeof(br_buf) + 15]; =20 for (i =3D 3; i < open_max; i++) { --=20 2.21.0
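Review bot: in the net_bridge_run_helper hunk of patch 3/3, `br_buf[5+IFNAMSIZ]` swaps one undocumented magic number for another, and the size is the only thing enforcing the limit. Please derive the prefix length from the option string itself (for example `sizeof("--br=") - 1 + IFNAMSIZ`) or add a comment saying what the 5 stands for. Nothing in this hunk rejects a bridge name of IFNAMSIZ characters or more, so with the smaller buffer such a name would be cut short rather than refused; an explicit length check on `bridge` that reports an error, as patch 1/3 does in the helper, would keep the two sides consistent.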