From nobody Thu May 16 20:31:20 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=quarantine dis=none) header.from=suse.com ARC-Seal: i=1; a=rsa-sha256; t=1690013845; cv=none; d=zohomail.com; s=zohoarc; b=RJiXuj0qOofCrKgM1RPXVLfIbZjLF/lDIwEbMQS6Nc52L+IJQMW1sQzgrrxcVy1F9QrkNxn4PK4haM/g4TaT3xtJXkWLQCNkA6z6spcPAkNnIBqb1Azx9BrzRorLMPnhg2/ypM5bJA84LwSCgMeQdwE1O52Dpp6DcBn8+2cqOiU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1690013845; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=r+WpFCfUEhtaV9T33uK5LGEUOuSmGQRC70pWzEcNNf8=; b=TNbdoZprxOS8b9ILu7ahk5EXSNHPryaS3L5YdHiUc43sl00f8SuvVImBsp9dYmOgQYelLEx+1LUvKYOkHiCRfijO87L/Psk78dpPnBcLqVPAjlFhVkOIIzQKgNH/l+aX9K2O1iscOfPnic1jbrhxywFtZYJrrmU89RjpFFoq2L8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1690013845000590.8410312270116; Sat, 22 Jul 2023 01:17:25 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.567879.887351 (Exim 4.92) (envelope-from ) id 1qN7nN-0000sc-4y; Sat, 22 Jul 2023 08:16:57 +0000 Received: by outflank-mailman (output) from mailman id 567879.887351; Sat, 22 Jul 2023 08:16:57 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1qN7nN-0000sV-1R; Sat, 22 Jul 2023 08:16:57 +0000 Received: by outflank-mailman (input) for mailman id 567879; Sat, 22 Jul 2023 08:16:56 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1qN7nM-0000sH-7l for xen-devel@lists.xenproject.org; Sat, 22 Jul 2023 08:16:56 +0000 Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 1e75c7bb-2868-11ee-b23a-6b7b168915f2; Sat, 22 Jul 2023 10:16:55 +0200 (CEST) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id AF8741FD99; Sat, 22 Jul 2023 08:16:54 +0000 (UTC) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 83AAA1346D; Sat, 22 Jul 2023 08:16:54 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id wffKHnaQu2S/QQAAMHmgww (envelope-from ); Sat, 22 Jul 2023 08:16:54 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 1e75c7bb-2868-11ee-b23a-6b7b168915f2 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1690013814; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=r+WpFCfUEhtaV9T33uK5LGEUOuSmGQRC70pWzEcNNf8=; b=PL4BgzEcV8HMEYahyguXSL9OxjkC7VJw3fT+6m1olauOsj3mZXQhTV25G1BQO4Tks2FuYq W0L4Ghc70d3l5q3/Qr+CAgoILO4qpLMFZM1iONb7oFshSNVQlojYevVaztDaqLurRRk5Uu iIea8CrWyYtjVFf5begoNGgm+iY0Gpw= From: Juergen Gross To: xen-devel@lists.xenproject.org Cc: Juergen Gross , Wei Liu , Julien Grall , Anthony PERARD Subject: [PATCH v2 1/2] tools/xenstore: add const to the return type of canonicalize() Date: Sat, 22 Jul 2023 10:16:45 +0200 Message-Id: <20230722081646.4136-2-jgross@suse.com> X-Mailer: git-send-email 2.35.3 In-Reply-To: <20230722081646.4136-1-jgross@suse.com> References: <20230722081646.4136-1-jgross@suse.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @suse.com) X-ZM-MESSAGEID: 1690013845859100001 Content-Type: text/plain; charset="utf-8" The return type of canonicalize() can be modified to const char *. This avoids the need to cast the const away from the input parameter. There need to be quite some other functions modified to take const parameters in order to avoid further casts. Signed-off-by: Juergen Gross --- tools/xenstore/xenstored_core.c | 22 ++++++++++++---------- tools/xenstore/xenstored_core.h | 3 ++- tools/xenstore/xenstored_watch.c | 16 ++++++++++------ 3 files changed, 24 insertions(+), 17 deletions(-) diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_cor= e.c index a1d3047e48..3d3c39bd70 100644 --- a/tools/xenstore/xenstored_core.c +++ b/tools/xenstore/xenstored_core.c @@ -1216,25 +1216,26 @@ static char *perms_to_strings(const void *ctx, cons= t struct node_perms *perms, return strings; } =20 -char *canonicalize(struct connection *conn, const void *ctx, const char *n= ode) +const char *canonicalize(struct connection *conn, const void *ctx, + const char *node) { const char *prefix; =20 if (!node || (node[0] =3D=3D '/') || (node[0] =3D=3D '@')) - return (char *)node; + return node; prefix =3D get_implicit_path(conn); if (prefix) return talloc_asprintf(ctx, "%s/%s", prefix, node); - return (char *)node; + return node; } =20 static struct node *get_node_canonicalized(struct connection *conn, const void *ctx, const char *name, - char **canonical_name, + const char **canonical_name, unsigned int perm) { - char *tmp_name; + const char *tmp_name; =20 if (!canonical_name) canonical_name =3D &tmp_name; @@ -1249,7 +1250,7 @@ static struct node *get_node_canonicalized(struct con= nection *conn, } =20 static struct node *get_spec_node(struct connection *conn, const void *ctx, - const char *name, char **canonical_name, + const char *name, const char **canonical_name, unsigned int perm) { if (name[0] =3D=3D '@') @@ -1539,7 +1540,7 @@ static int do_write(const void *ctx, struct connectio= n *conn, unsigned int offset, datalen; struct node *node; char *vec[1] =3D { NULL }; /* gcc4 + -W + -Werror fucks code. */ - char *name; + const char *name; =20 /* Extra "strings" can be created by binary data. */ if (get_strings(in, vec, ARRAY_SIZE(vec)) < ARRAY_SIZE(vec)) @@ -1574,7 +1575,7 @@ static int do_mkdir(const void *ctx, struct connectio= n *conn, struct buffered_data *in) { struct node *node; - char *name; + const char *name; =20 node =3D get_node_canonicalized(conn, ctx, onearg(in), &name, XS_PERM_WRITE); @@ -1703,7 +1704,7 @@ static int do_rm(const void *ctx, struct connection *= conn, { struct node *node; int ret; - char *name; + const char *name; char *parentname; =20 node =3D get_node_canonicalized(conn, ctx, onearg(in), &name, @@ -1765,7 +1766,8 @@ static int do_set_perms(const void *ctx, struct conne= ction *conn, struct buffered_data *in) { struct node_perms perms, old_perms; - char *name, *permstr; + const char *name; + char *permstr; struct node *node; =20 perms.num =3D xenstore_count_strings(in->buffer, in->used); diff --git a/tools/xenstore/xenstored_core.h b/tools/xenstore/xenstored_cor= e.h index 84a611cbb5..4184a4b7ef 100644 --- a/tools/xenstore/xenstored_core.h +++ b/tools/xenstore/xenstored_core.h @@ -224,7 +224,8 @@ void send_event(struct buffered_data *req, struct conne= ction *conn, void send_ack(struct connection *conn, enum xsd_sockmsg_type type); =20 /* Canonicalize this path if possible. */ -char *canonicalize(struct connection *conn, const void *ctx, const char *n= ode); +const char *canonicalize(struct connection *conn, const void *ctx, + const char *node); =20 /* Get access permissions. */ unsigned int perm_for_conn(struct connection *conn, diff --git a/tools/xenstore/xenstored_watch.c b/tools/xenstore/xenstored_wa= tch.c index 4195c59e17..f92fbeb73a 100644 --- a/tools/xenstore/xenstored_watch.c +++ b/tools/xenstore/xenstored_watch.c @@ -161,7 +161,7 @@ static int destroy_watch(void *_watch) } =20 static int check_watch_path(struct connection *conn, const void *ctx, - char **path, bool *relative) + const char **path, bool *relative) { /* Check if valid event. */ if (strstarts(*path, "@")) { @@ -184,8 +184,9 @@ static int check_watch_path(struct connection *conn, co= nst void *ctx, return errno; } =20 -static struct watch *add_watch(struct connection *conn, char *path, char *= token, - bool relative, bool no_quota_check) +static struct watch *add_watch(struct connection *conn, const char *path, + const char *token, bool relative, + bool no_quota_check) { struct watch *watch; =20 @@ -218,12 +219,14 @@ int do_watch(const void *ctx, struct connection *conn= , struct buffered_data *in) { struct watch *watch; char *vec[2]; + const char *path; bool relative; =20 if (get_strings(in, vec, ARRAY_SIZE(vec)) !=3D ARRAY_SIZE(vec)) return EINVAL; =20 - errno =3D check_watch_path(conn, ctx, &(vec[0]), &relative); + path =3D vec[0]; + errno =3D check_watch_path(conn, ctx, &path, &relative); if (errno) return errno; =20 @@ -258,7 +261,8 @@ int do_unwatch(const void *ctx, struct connection *conn, struct buffered_data *in) { struct watch *watch; - char *node, *vec[2]; + const char *node; + char *vec[2]; =20 if (get_strings(in, vec, ARRAY_SIZE(vec)) !=3D ARRAY_SIZE(vec)) return EINVAL; @@ -336,7 +340,7 @@ void read_state_watch(const void *ctx, const void *stat= e) { const struct xs_state_watch *sw =3D state; struct connection *conn; - char *path, *token; + const char *path, *token; bool relative; =20 conn =3D get_connection_by_id(sw->conn_id); --=20 2.35.3 From nobody Thu May 16 20:31:20 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=quarantine dis=none) header.from=suse.com ARC-Seal: i=1; a=rsa-sha256; t=1690013846; cv=none; d=zohomail.com; s=zohoarc; b=aWLmN2GDfcI0UQhCGmIHjphUHxbZfrp5JQs+H3gR9Y892NeaRat4TlMiP9tstDDaCgfMChg+KPHftweyzBRh3aiql+JrKNjp+4yF/LimWlUnchVbEM4T1qORdRtKBqvXTjvZV5ZTPiTQ+a+Iiu55C7LYFOmR5gqExF+8dIfd+oc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1690013846; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Kd7YFY39EtpfbWA0cD3V6qSiR/q/58pWNd+JYYA4Oc4=; b=ghJKxO5qJyYLXnPyDRBxUcWWRVXoBwKKN+ebbLtOcCUMe8neiaBuv8GzS6vtvVCemEhAcrh2N630G5Pq97RTR8HyJnuX38cg2lKoMnrwf+TTJ53/CHfoHPEMtoxGTF4bK2/x9YWpmujmFI5RmSKTfEN6hFm3VHpwogeq/fJiv0Y= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=quarantine dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1690013846661355.7314775956215; Sat, 22 Jul 2023 01:17:26 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.567880.887361 (Exim 4.92) (envelope-from ) id 1qN7nS-0001Ah-CE; Sat, 22 Jul 2023 08:17:02 +0000 Received: by outflank-mailman (output) from mailman id 567880.887361; Sat, 22 Jul 2023 08:17:02 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1qN7nS-0001Aa-97; Sat, 22 Jul 2023 08:17:02 +0000 Received: by outflank-mailman (input) for mailman id 567880; Sat, 22 Jul 2023 08:17:00 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1qN7nQ-0000sH-UM for xen-devel@lists.xenproject.org; Sat, 22 Jul 2023 08:17:00 +0000 Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 21ca3d1a-2868-11ee-b23a-6b7b168915f2; Sat, 22 Jul 2023 10:17:00 +0200 (CEST) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 4B89B1FD99; Sat, 22 Jul 2023 08:17:00 +0000 (UTC) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 1AFDA1346D; Sat, 22 Jul 2023 08:17:00 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id MZknBXyQu2TGQQAAMHmgww (envelope-from ); Sat, 22 Jul 2023 08:17:00 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 21ca3d1a-2868-11ee-b23a-6b7b168915f2 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1690013820; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Kd7YFY39EtpfbWA0cD3V6qSiR/q/58pWNd+JYYA4Oc4=; b=ZtA5qAX5FeosMEBzMZ5nABWpmR2ywfNbkBQO1fLkDoXxxGNrMgKUOhiUyU699pLl9UXpE5 exGehh2Ll7i4My3c2/1/lNxnORpyife5CxojsEAiotB3l/SRkFM8sSeXPz7yRsPukAwyIc nzZpZ+TajwwMj8LzQRdfXv+OubI8/Ao= From: Juergen Gross To: xen-devel@lists.xenproject.org Cc: Juergen Gross , Wei Liu , Julien Grall , Anthony PERARD Subject: [PATCH v2 2/2] tools/xenstore: fix get_spec_node() Date: Sat, 22 Jul 2023 10:16:46 +0200 Message-Id: <20230722081646.4136-3-jgross@suse.com> X-Mailer: git-send-email 2.35.3 In-Reply-To: <20230722081646.4136-1-jgross@suse.com> References: <20230722081646.4136-1-jgross@suse.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @suse.com) X-ZM-MESSAGEID: 1690013847335100003 Content-Type: text/plain; charset="utf-8" In case get_spec_node() is being called for a special node starting with '@' it won't set *canonical_name. This can result in a crash of xenstored due to dereferencing the uninitialized name in fire_watches(). This is no security issue as it requires either a privileged caller or ownership of the special node in question by an unprivileged caller (which is questionable, as this would make the owner privileged in some way). Fixes: d6bb63924fc2 ("tools/xenstore: introduce dummy nodes for special wat= ch paths") Signed-off-by: Juergen Gross Reviewed-by: Julien Grall --- tools/xenstore/xenstored_core.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_cor= e.c index 3d3c39bd70..749717ec25 100644 --- a/tools/xenstore/xenstored_core.c +++ b/tools/xenstore/xenstored_core.c @@ -1253,8 +1253,11 @@ static struct node *get_spec_node(struct connection = *conn, const void *ctx, const char *name, const char **canonical_name, unsigned int perm) { - if (name[0] =3D=3D '@') + if (name[0] =3D=3D '@') { + if (canonical_name) + *canonical_name =3D name; return get_node(conn, ctx, name, perm); + } =20 return get_node_canonicalized(conn, ctx, name, canonical_name, perm); } --=20 2.35.3