search for: parse_lsb_release

...release file called /etc/mandriva-release. + * + * CoreOS has a /etc/lsb-release link to /usr/share/coreos/lsb-release containing: + * DISTRIB_ID=CoreOS + * DISTRIB_RELEASE=647.0.0 + * DISTRIB_CODENAME="Red Dog" + * DISTRIB_DESCRIPTION="CoreOS 647.0.0" */ static int -parse_lsb_release (guestfs_h *g, struct inspect_fs *fs) +parse_lsb_release (guestfs_h *g, struct inspect_fs *fs, const char *filename) { - const char *filename = "/etc/lsb-release"; int64_t size; CLEANUP_FREE_STRING_LIST char **lines = NULL; size_t i; @@ -208,6 +213,11 @@ parse_lsb_release (gues...

...release file called /etc/mandriva-release. + * + * CoreOS has a /etc/lsb-release link to /usr/share/coreos/lsb-release containing: + * DISTRIB_ID=CoreOS + * DISTRIB_RELEASE=647.0.0 + * DISTRIB_CODENAME="Red Dog" + * DISTRIB_DESCRIPTION="CoreOS 647.0.0" */ static int -parse_lsb_release (guestfs_h *g, struct inspect_fs *fs) +parse_lsb_release (guestfs_h *g, struct inspect_fs *fs, const char *filename) { - const char *filename = "/etc/lsb-release"; int64_t size; CLEANUP_FREE_STRING_LIST char **lines = NULL; size_t i; @@ -208,6 +213,11 @@ parse_lsb_release (gues...

...ad_n (g, 10, filename); if (lines == NULL) return -1; /* First line is dist release name */ fs->product_name = safe_strdup (g, lines[0]); <<<--- if (fs->product_name == NULL) goto out; The code doesn't check that lines[0] != NULL. I don't see a problem in parse_lsb_release however. Do you have a stack trace from that? Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows. http://people.redhat.com/~rjon...

...e ~name:"parse_os_release" () in - let lines = Chroot.f chroot (fun () -> read_small_file release_file) () in + let lines = Chroot.f chroot read_small_file release_file in match lines with | None -> false @@ -182,7 +182,7 @@ and distro_of_os_release_id = function *) and parse_lsb_release release_file data = let chroot = Chroot.create ~name:"parse_lsb_release" () in - let lines = Chroot.f chroot (fun () -> read_small_file release_file) () in + let lines = Chroot.f chroot read_small_file release_file in match lines with | None -> false @@ -229,7 +229,7 @@...

...va-release. > + * > + * CoreOS has a /etc/lsb-release link to /usr/share/coreos/lsb-release containing: > + * DISTRIB_ID=CoreOS > + * DISTRIB_RELEASE=647.0.0 > + * DISTRIB_CODENAME="Red Dog" > + * DISTRIB_DESCRIPTION="CoreOS 647.0.0" > + *) > +and parse_lsb_release release_file data = TBH, since both parse_os_release and parse_lsb_release are rewritten in OCaml, I'd try a better approach for them: add an helper function that read such kind of files (ignoring empty lines, and those starting with '#'), split them in lines, and map the lines into (k...

...ror */ + return -1; + if (r == 1) /* ok - detected the release from this file */ + goto skip_release_checks; + } + if (guestfs_is_file_opts (g, "/share/coreos/lsb-release", GUESTFS_IS_FILE_OPTS_FOLLOWSYMLINKS, 1, -1) > 0) { r = parse_lsb_release (g, fs, "/share/coreos/lsb-release"); @@ -1062,6 +1074,8 @@ guestfs_int_check_coreos_usr (guestfs_h *g, struct inspect_fs *fs) return -1; } + skip_release_checks:; + /* Determine the architecture. */ check_architecture (g, fs); -- 2.5.5

Changes from v2 to v3: - split_key_value_strings renamed to parse_key_value_strings Changes from v1 to v2: - split the "simple unquoting" as helper - pass the unquoting function to split_key_value_strings - use right unquoting function when applying split_key_value_strings Pino Toscano (2): daemon: add split_key_value_strings helper daemon: use parse_key_value_strings

Add a simple helper to turn a list of strings into key/value pairs, splitting by '='. --- daemon/utils.ml | 15 +++++++++++++++ daemon/utils.mli | 6 ++++++ 2 files changed, 21 insertions(+) diff --git a/daemon/utils.ml b/daemon/utils.ml index d87ad75db..fd1681a86 100644 --- a/daemon/utils.ml +++ b/daemon/utils.ml @@ -229,3 +229,18 @@ let unix_canonical_path path = let path =

Changes from v1 to v2: - split the "simple unquoting" as helper - pass the unquoting function to split_key_value_strings - use right unquoting function when applying split_key_value_strings Pino Toscano (2): daemon: add split_key_value_strings helper daemon: use split_key_value_strings daemon/inspect_fs_unix.ml | 93 +++++++++++++++++++---------------------------- daemon/md.ml

There's a denial of service attack possible from guests on any program that does inspection (eg. virt-inspector, many other virt-* tools, virt-v2v, OpenStack). The attack causes the host process to crash because of a double free. It's probably not exploitable (definitely not on Fedora because of the default memory hardening settings). This patch contains the fix and a reproducer:

On Mon, Oct 16, 2017 at 05:58:10PM +0200, Pino Toscano wrote: > Add a simple helper to turn a list of strings into key/value pairs, > splitting by '=', with the possibility to apply a function to unquote > values. > > Add also a simple unquote function. > --- > daemon/utils.ml | 16 ++++++++++++++++ > daemon/utils.mli | 11 +++++++++++ > 2 files changed, 27

...if (r == 1) /* ok - detected the release from this file */ > + goto skip_release_checks; > + } > + > if (guestfs_is_file_opts (g, "/share/coreos/lsb-release", > GUESTFS_IS_FILE_OPTS_FOLLOWSYMLINKS, 1, -1) > 0) { > r = parse_lsb_release (g, fs, "/share/coreos/lsb-release"); > @@ -1062,6 +1074,8 @@ guestfs_int_check_coreos_usr (guestfs_h *g, struct inspect_fs *fs) > return -1; > } > > + skip_release_checks:; > + > /* Determine the architecture. */ > check_architecture (g, fs); Se...

...Of course whether writers of > /etc/os-release are doing the right thing is another issue. I guess > there is no validation). Yes, this is what patch #2 already does, in parse_os_release: + let values = split_key_value_strings ~unquote:shell_unquote lines in simple_unquote is used for parse_lsb_release: I could not find any standard documentation for its format, and the examples I have have either no quoting, or double quoting. > > +let split_key_value_strings ?unquote lines = > > Can we call this function something like ‘parse_key_value_file’? Most > of our other parsing functi...

..._block=0, is_partnum=2) at inspect-fs.c:152 #7 0x00007ffff7b86980 in guestfs__inspect_os (g=0x65da50) at inspect.c:86 #8 0x00007ffff7b1c91b in guestfs_inspect_os (g=0x65da50) at actions-1.c:397 #9 0x0000000000406ba9 in main (argc=3, argv=<optimized out>) at virt-inspector.c:273 Looks like parse_lsb_release and parse_suse_release needs a similar change. I will test a patch. Olaf

...k - detected the release from this file */ >> + goto skip_release_checks; >> + } >> + >> if (guestfs_is_file_opts (g, "/share/coreos/lsb-release", >> GUESTFS_IS_FILE_OPTS_FOLLOWSYMLINKS, 1, -1) > 0) { >> r = parse_lsb_release (g, fs, "/share/coreos/lsb-release"); >> @@ -1062,6 +1074,8 @@ guestfs_int_check_coreos_usr (guestfs_h *g, struct inspect_fs *fs) >> return -1; >> } >> >> + skip_release_checks:; >> + >> /* Determine the architecture. */ >>...

.../* error */ + return -1; + if (r == 1) /* ok - detected the release from this file */ + goto skip_release_checks; + } + if (guestfs_is_file_opts (g, "/etc/lsb-release", GUESTFS_IS_FILE_OPTS_FOLLOWSYMLINKS, 1, -1) > 0) { r = parse_lsb_release (g, fs, "/etc/lsb-release"); -- 2.1.0

...a normal release file called /etc/mandriva-release. + * + * CoreOS has a /etc/lsb-release link to /usr/share/coreos/lsb-release containing: + * DISTRIB_ID=CoreOS + * DISTRIB_RELEASE=647.0.0 + * DISTRIB_CODENAME="Red Dog" + * DISTRIB_DESCRIPTION="CoreOS 647.0.0" + *) +and parse_lsb_release release_file data = + let chroot = Chroot.create ~name:"parse_lsb_release" () in + let lines = Chroot.f chroot (fun () -> read_small_file release_file) () in + + match lines with + | None -> false + | Some lines -> + (* Some distros (eg. RHEL 3) have a bare lsb-release f...

This patch series changes a small part of the library to use __attribute__((cleanup(...))) to automatically free memory when pointers go out of the current scope. In general terms this seems to be a small win although you do have to use it carefully. For functions where you can completely get rid of the "exit code paths", it can simplify things. For a good example, see the

...a normal release file called /etc/mandriva-release. + * + * CoreOS has a /etc/lsb-release link to /usr/share/coreos/lsb-release containing: + * DISTRIB_ID=CoreOS + * DISTRIB_RELEASE=647.0.0 + * DISTRIB_CODENAME="Red Dog" + * DISTRIB_DESCRIPTION="CoreOS 647.0.0" + *) +and parse_lsb_release release_file data = + let chroot = Chroot.create ~name:"parse_lsb_release" () in + let lines = + Chroot.f chroot ( + fun () -> + if not (is_small_file release_file) then ( + eprintf "%s: not a regular file or too large\n" release_file; + Non...

...pcre_free (re_netbsd); + pcre_free (re_opensuse); + pcre_free (re_sles); + pcre_free (re_nld); + pcre_free (re_opensuse_version); + pcre_free (re_sles_version); + pcre_free (re_sles_patchlevel); } static void check_architecture (guestfs_h *g, struct inspect_fs *fs); @@ -301,6 +319,82 @@ parse_lsb_release (guestfs_h *g, struct inspect_fs *fs) return r ? 1 : 0; } +static int +parse_suse_release (guestfs_h *g, struct inspect_fs *fs, const char *filename) +{ + int64_t size; + char *major, *minor; + char **lines; + int r = -1; + + /* Don't trust guestfs_head_n not to break with very large...