Re: [Qemu-devel] [PATCH] security_20040618
From: Gianni Tedesco
Subject: Re: [Qemu-devel] [PATCH] security_20040618
Date: Sat, 19 Jun 2004 10:11:43 +0100

On Fri, 2004-06-18 at 11:40 -0700, Tim wrote:
> Updates to this, from the previous version two days ago, include
> additional strcpy replacements, as well as TODO comments pointing out
> unhealthy calls to {m,re}alloc, which don't check for NULL return
> values. (I am not sure how to handle error return codes in most places,
> so just comments for now.) Also pstrcpy() in vl.c was simplified, but
> should behave exactly the same as before.

In dyngen you need to do:

    if ( ptr == NULL )
        error("malloc failed");

error() will never return.

For the other places it depends, but it's usually quite simple. Why not
have a stab and submit a separate patch on top of this one?

Also - Another low hanging fruit may be /tmp file races. You could
probably make sure mkstemp is being used where possible etc. and/or use
of /tmp files eliminated as much as possible.... Or try to set up a
$(HOME)/.qemu dir for that stuff. I know QEMU_TMPDIR is checked in vl.c
but the standard TMPDIR probably ought to be as well if we DO use /tmp.

I mean, if root saves log to /tmp/qemu.log any user on the system may
obliterate any file (ln -s /etc/passwd /tmp/qemu.log) as /tmp is the
default choice, perhaps root should know better, but maybe we should use
sane defaults like $(HOME)/qemu.log.

If people are interested in janitorial stuff like this, please, go right
ahead :)

--
// Gianni Tedesco (gianni at scaramanga dot co dot uk)
lynx --source www.scaramanga.co.uk/scaramanga.asc | gpg --import
8646BE7D: 6D9F 2287 870E A2C9 8F60 3A3C 91B5 7669 8646 BE7D
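
The /tmp race raised in this message, as an added example that is not part of the original post or of QEMU's source: creating scratch files with mkstemp() in a directory taken from QEMU_TMPDIR, then TMPDIR, and opening a fixed-name log without following a planted symlink. The function names pick_tmpdir, open_scratch and open_log_nofollow and the qemu_XXXXXX template are hypothetical.

```c
/* Added example (not QEMU source): symlink-safe temp and log file creation. */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Directory order: QEMU_TMPDIR, then the standard TMPDIR, then /tmp. */
const char *pick_tmpdir(void)
{
    const char *d = getenv("QEMU_TMPDIR");
    if (!d || !*d)
        d = getenv("TMPDIR");
    return (d && *d) ? d : "/tmp";
}

/* mkstemp(): unpredictable name, O_EXCL create, mode 0600, so a planted
 * symlink or file is never reused. Returns fd (path in out) or -1. */
int open_scratch(char *out, size_t outlen)
{
    int n = snprintf(out, outlen, "%s/qemu_XXXXXX", pick_tmpdir());
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return mkstemp(out);
}

/* Fixed-name log: O_NOFOLLOW rejects a symlink as the last component; the
 * file is truncated only after fstat() shows a regular, singly linked file. */
int open_log_nofollow(const char *path)
{
    struct stat st;
    int fd = open(path, O_WRONLY | O_CREAT | O_NOFOLLOW, 0600);
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1 ||
        ftruncate(fd, 0) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

int main(void)
{
    char path[4096];
    int fd = open_scratch(path, sizeof path);
    printf("scratch file: %s\n", fd >= 0 ? path : "(failed)");
    return fd < 0;
}
```

O_NOFOLLOW only guards the final path component, so the directory holding the log should itself not be writable by other users.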