9pfs: fix vulnerability in openat_dir() and local_unlinkat_common() - focaccia-qemu - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Greg Kurz <groug@kaod.org>	2017-03-06 17:34:01 +0100
committer	Greg Kurz <groug@kaod.org>	2017-03-06 17:34:01 +0100
commit	b003fc0d8aa5e7060dbf7e5862b8013c73857c7f (patch)
tree	632eff8c91edde80c4a439fff1ade2d7573ace24 /qapi/qobject-input-visitor.c
parent	918112c02aff2bac4cb72dc2feba0cb05305813e (diff)
download	focaccia-qemu-b003fc0d8aa5e7060dbf7e5862b8013c73857c7f.tar.gz focaccia-qemu-b003fc0d8aa5e7060dbf7e5862b8013c73857c7f.zip

9pfs: fix vulnerability in openat_dir() and local_unlinkat_common()

We should pass O_NOFOLLOW otherwise openat() will follow symlinks and make
QEMU vulnerable.

While here, we also fix local_unlinkat_common() to use openat_dir() for
the same reasons (it was a leftover in the original patchset actually).

This fixes CVE-2016-9602.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>

Diffstat (limited to 'qapi/qobject-input-visitor.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: