From: Magnus Carlsson <magnus@galois.com>
To: xen-devel@lists.xensource.com
Subject: Fix for unassigned errno in xenstored_core.c
Date: Fri, 10 Nov 2006 11:45:21 -0800 [thread overview]
Message-ID: <4554D6D1.6070608@galois.com> (raw)
In-Reply-To: <eacc82a40610311232o71fa6e84g64c20c03ca21e810@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 482 bytes --]
Dear all,
In certain cases, when a client doesn't have enough permissions, the
errno variable is not set in xenstored_core.c before its value is
reported back. As a result, the client can learn about the errno of the
last failed request to xenstored (which could have come from another
client). (An unintended information channel! :-)
Attached is a patch that I believe fixes the problem. Also included are
a couple of test cases that demonstrate the problem.
Cheers,
Magnus
[-- Attachment #2: xenstored_core.patch --]
[-- Type: text/x-patch, Size: 690 bytes --]
*** xenstore/xenstored_core.c Sun Apr 9 15:05:54 2006
--- xs/xenstored_core.c Fri Nov 3 15:57:13 2006
***************
*** 555,562 ****
/* If we don't have permission, we don't have node. */
if (node) {
if ((perm_for_conn(conn, node->perms, node->num_perms) & perm)
! != perm)
node = NULL;
}
/* Clean up errno if they weren't supposed to know. */
if (!node)
--- 555,564 ----
/* If we don't have permission, we don't have node. */
if (node) {
if ((perm_for_conn(conn, node->perms, node->num_perms) & perm)
! != perm) {
! errno = EACCES;
node = NULL;
+ }
}
/* Clean up errno if they weren't supposed to know. */
if (!node)
[-- Attachment #3: 99permissions.test --]
[-- Type: text/plain, Size: 255 bytes --]
write /a/b v
setperm /a 1 READ
setperm /a/b 1 NONE
expect read failed: No such file or directory
read /nonexistent
setid 2
# this should presumably fail with EACCES, but fails with previous error instead
expect read failed: Permission denied
read /a/b
[-- Attachment #4: 99permissions2.test --]
[-- Type: text/plain, Size: 236 bytes --]
write /a/b v
setperm /a 1 READ
setperm /a/b 1 NONE
expect read failed: Invalid argument
read //
setid 2
# this should presumably fail with EACCES, but fails with previous error instead
expect read failed: Permission denied
read /a/b
[-- Attachment #5: Type: text/plain, Size: 138 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
parent reply other threads:[~2006-11-10 19:45 UTC|newest]
Thread overview: expand[flat|nested] mbox.gz Atom feed
[parent not found: <eacc82a40610311232o71fa6e84g64c20c03ca21e810@mail.gmail.com>]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4554D6D1.6070608@galois.com \
--to=magnus@galois.com \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.