search for: parse_suse_release

...f1ee9ab1c7361e. Signed-off-by: Olaf Hering <olaf@aepfle.de> --- src/inspect-fs-unix.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/inspect-fs-unix.c b/src/inspect-fs-unix.c index 5fabaa2..c7d52c4 100644 --- a/src/inspect-fs-unix.c +++ b/src/inspect-fs-unix.c @@ -339,6 +339,8 @@ parse_suse_release (guestfs_h *g, struct inspect_fs *fs, const char *filename) return -1; /* First line is dist release name */ + if (lines[0] == NULL) + goto out; fs->product_name = safe_strdup (g, lines[0]); if (fs->product_name == NULL) goto out;

...lt;olaf@aepfle.de> > --- > src/inspect-fs-unix.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/src/inspect-fs-unix.c b/src/inspect-fs-unix.c > index 5fabaa2..c7d52c4 100644 > --- a/src/inspect-fs-unix.c > +++ b/src/inspect-fs-unix.c > @@ -339,6 +339,8 @@ parse_suse_release (guestfs_h *g, struct inspect_fs *fs, const char *filename) > return -1; > > /* First line is dist release name */ > + if (lines[0] == NULL) > + goto out; > fs->product_name = safe_strdup (g, lines[0]); > if (fs->product_name == NULL) > goto ou...

...:"parse_lsb_release" () in - let lines = Chroot.f chroot (fun () -> read_small_file release_file) () in + let lines = Chroot.f chroot read_small_file release_file in match lines with | None -> false @@ -229,7 +229,7 @@ and distro_of_lsb_release_distrib_id = function and parse_suse_release release_file data = let chroot = Chroot.create ~name:"parse_suse_release" () in - let lines = Chroot.f chroot (fun () -> read_small_file release_file) () in + let lines = Chroot.f chroot read_small_file release_file in match lines with | None @@ -297,14 +297,14 @@ and pars...

There's a denial of service attack possible from guests on any program that does inspection (eg. virt-inspector, many other virt-* tools, virt-v2v, OpenStack). The attack causes the host process to crash because of a double free. It's probably not exploitable (definitely not on Fedora because of the default memory hardening settings). This patch contains the fix and a reproducer:

...0007ffff69deae2 in __strlen_sse2 () from /lib64/libc.so.6 (gdb) bt #0 0x00007ffff69deae2 in __strlen_sse2 () from /lib64/libc.so.6 #1 0x00007ffff69de7e6 in strdup () from /lib64/libc.so.6 #2 0x00007ffff7b7936c in guestfs___safe_strdup (g=0x65da50, str=0x0) at alloc.c:96 #3 0x00007ffff7b8b65e in parse_suse_release (filename=<optimized out>, fs=<optimized out>, g=<optimized out>) at inspect-fs-unix.c:343 #4 guestfs___check_linux_root (g=0x65da50, fs=0x6665b0) at inspect-fs-unix.c:560 #5 0x00007ffff7b88522 in check_filesystem (is_partnum=<optimized out>, is_block=<optimized out>...

...urn -1; - } + if (guestfs_int_version_from_x_y (g, &fs->version, &lines[i][16]) == -1) + return -1; } else if (fs->product_name == NULL && (STRPREFIX (lines[i], "DISTRIB_DESCRIPTION=\"") || @@ -390,7 +362,6 @@ static int parse_suse_release (guestfs_h *g, struct inspect_fs *fs, const char *filename) { int64_t size; - char *major, *minor; CLEANUP_FREE_STRING_LIST char **lines = NULL; int r = -1; @@ -419,6 +390,8 @@ parse_suse_release (guestfs_h *g, struct inspect_fs *fs, const char *filename) /* Match SLES first becau...

Changes from v2 to v3: - split_key_value_strings renamed to parse_key_value_strings Changes from v1 to v2: - split the "simple unquoting" as helper - pass the unquoting function to split_key_value_strings - use right unquoting function when applying split_key_value_strings Pino Toscano (2): daemon: add split_key_value_strings helper daemon: use parse_key_value_strings

Add a simple helper to turn a list of strings into key/value pairs, splitting by '='. --- daemon/utils.ml | 15 +++++++++++++++ daemon/utils.mli | 6 ++++++ 2 files changed, 21 insertions(+) diff --git a/daemon/utils.ml b/daemon/utils.ml index d87ad75db..fd1681a86 100644 --- a/daemon/utils.ml +++ b/daemon/utils.ml @@ -229,3 +229,18 @@ let unix_canonical_path path = let path =

Changes from v1 to v2: - split the "simple unquoting" as helper - pass the unquoting function to split_key_value_strings - use right unquoting function when applying split_key_value_strings Pino Toscano (2): daemon: add split_key_value_strings helper daemon: use split_key_value_strings daemon/inspect_fs_unix.ml | 93 +++++++++++++++++++---------------------------- daemon/md.ml

Hi, this adds an helper version struct, and uses it in the backends (for the libvirt and qemu versions) and inspection code. This also moves common code to that, so it is not repeated in many places. This should help with the small refactoring proposed with https://www.redhat.com/archives/libguestfs/2016-May/msg00070.html Thanks, Pino Toscano (2): src: start unifying version handling

Hi, this adds an helper version struct, and uses it in the backends (for the libvirt and qemu versions) and inspection code. This also moves common code to that, so it is not repeated in many places. This should help with the small refactoring proposed with https://www.redhat.com/archives/libguestfs/2016-May/msg00070.html Thanks, Pino Toscano (2): src: start unifying version handling

On Fri, May 31, 2013 at 01:03:24AM +0200, Olaf Hering wrote: > #2 0x00007ffff7b7936c in guestfs___safe_strdup (g=0x65da50, str=0x0) at alloc.c:96 > #3 0x00007ffff7b8b65e in parse_suse_release (filename=<optimized out>, fs=<optimized out>, g=<optimized out>) at inspect-fs-unix.c:343 This is a different problem: lines = guestfs_head_n (g, 10, filename); if (lines == NULL) return -1; /* First line is dist release name */ fs->product_name = safe_strdup (g...

...ld); + pcre_free (re_opensuse_version); + pcre_free (re_sles_version); + pcre_free (re_sles_patchlevel); } static void check_architecture (guestfs_h *g, struct inspect_fs *fs); @@ -301,6 +319,82 @@ parse_lsb_release (guestfs_h *g, struct inspect_fs *fs) return r ? 1 : 0; } +static int +parse_suse_release (guestfs_h *g, struct inspect_fs *fs, const char *filename) +{ + int64_t size; + char *major, *minor; + char **lines; + int r = -1; + + /* Don't trust guestfs_head_n not to break with very large files. + * Check the file size is something reasonable first. + */ + size = guestfs_filesi...

This patch series changes a small part of the library to use __attribute__((cleanup(...))) to automatically free memory when pointers go out of the current scope. In general terms this seems to be a small win although you do have to use it carefully. For functions where you can completely get rid of the "exit code paths", it can simplify things. For a good example, see the

...else if String.is_prefix line "DISTRIB_DESCRIPTION=" then ( + ok := true; + let n = String.length line in + let product_name = String.sub line 20 (n-20) in + data.product_name <- Some product_name + ) + ) lines; + + !ok + +and parse_suse_release release_file data = + let chroot = Chroot.create ~name:"parse_suse_release" () in + let lines = Chroot.f chroot (fun () -> read_small_file release_file) () in + + match lines with + | None + | Some [] -> false + | Some lines -> + (* First line is dist release name. *) +...

...else if String.is_prefix line "DISTRIB_DESCRIPTION=" then ( + ok := true; + let n = String.length line in + let product_name = String.sub line 20 (n-20) in + data.product_name <- Some product_name + ) + ) lines; + + !ok + +and parse_suse_release release_file data = + let chroot = Chroot.create ~name:"parse_suse_release" () in + let lines = + Chroot.f chroot ( + fun () -> + if not (is_small_file release_file) then ( + eprintf "%s: not a regular file or too large\n" release_file; + No...

Here is a preliminary fix for this bug. I'm running the test suite on this now. Rich.

This is the (incomplete) patch which reimplements inspection APIs in the daemon. All ‘XXX’s in this patch indicate areas which are not yet implemented or need further work. Rich.

v9 was here: https://www.redhat.com/archives/libguestfs/2017-July/msg00139.html This depends on these three series (the first two being single minor patches): https://www.redhat.com/archives/libguestfs/2017-July/msg00207.html https://www.redhat.com/archives/libguestfs/2017-July/msg00209.html https://www.redhat.com/archives/libguestfs/2017-July/msg00215.html There is no substantive change. I

This depends on the patch series "[PATCH 00/27] Reimplement many daemon APIs in OCaml." (https://www.redhat.com/archives/libguestfs/2017-July/msg00098.html) v8 was posted here: https://www.redhat.com/archives/libguestfs/2017-June/msg00274.html v9: - I split up the mega-patch into a more reviewable series of smaller, incremental patches. There are some other changes vs v8, but