From: Gianni Tedesco <gianni@scaramanga.co.uk>
To: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH] security_20040618
Date: Sat, 19 Jun 2004 10:11:43 +0100
Message-ID: <1087636303.3375.200.camel@sherbert>
In-Reply-To: <20040618184036.GA1874@sentinelchicken.org>
On Fri, 2004-06-18 at 11:40 -0700, Tim wrote:
> Updates to this, from the previous version two days ago, include
> additional strcpy replacements, as well as TODO comments pointing out
> unhealthy calls to {m,re}alloc, which don't check for NULL return
> values. (I am not sure how to handle error return codes in most places,
> so just comments for now.) Also pstrcpy() in vl.c was simplified, but
> should behave exactly the same as before.

In dyngen you need to do:

    if ( ptr == NULL )
        error("malloc failed");

error() will never return.

For the other places it depends, but it's usually quite simple. Why not
have a stab and submit a separate patch on top of this one?

Also - Another low hanging fruit may be /tmp file races. You could
probably make sure mkstemp is being used where possible etc.. and/or use
of /tmp files eliminated as much as possible.... Or try to set up a
$(HOME)/.qemu dir for that stuff. I know QEMU_TMPDIR is checked in vl.c
but the standard TMPDIR probably ought to be as well if we DO use /tmp.

I mean, if root saves log to /tmp/qemu.log any user on the system may
obliterate any file (ln -s /etc/passwd /tmp/qemu.log) as /tmp is the
default choice, perhaps root should know better, but maybe we should use
sane defaults like $(HOME)/qemu.log.

If people are interested in janitorial stuff like this, please, go right
ahead :)
--
// Gianni Tedesco (gianni at scaramanga dot co dot uk)
lynx --source www.scaramanga.co.uk/scaramanga.asc | gpg --import
8646BE7D: 6D9F 2287 870E A2C9 8F60 3A3C 91B5 7669 8646 BE7D
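
The mkstemp, TMPDIR and symlinked-log points from the message above, as an added example (not code from the original message or from the QEMU tree): scratch files are created with mkstemp() in QEMU_TMPDIR, then TMPDIR, then /tmp, and a fixed-name log is opened with O_NOFOLLOW. The function names and the "qemu-XXXXXX" template are assumptions made for this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Directory for scratch files: QEMU_TMPDIR (which the message says vl.c
 * already checks), then the standard TMPDIR, then /tmp as a last resort. */
const char *pick_tmpdir(void)
{
    const char *d = getenv("QEMU_TMPDIR");
    if (d == NULL || *d == '\0')
        d = getenv("TMPDIR");
    if (d == NULL || *d == '\0')
        d = "/tmp";
    return d;
}

/* Scratch file via mkstemp(): unpredictable name, opened O_CREAT|O_EXCL with
 * mode 0600, so a pre-planted file or symlink is never reused. The "qemu-"
 * prefix is this example's choice. Returns an fd, or -1 with errno set. */
int make_scratch_file(char *path, size_t len)
{
    int n = snprintf(path, len, "%s/qemu-XXXXXX", pick_tmpdir());
    if (n < 0 || (size_t)n >= len) {
        errno = ENAMETOOLONG;
        return -1;
    }
    return mkstemp(path);
}

/* Fixed-name log file: O_NOFOLLOW makes open() fail with ELOOP when the
 * last path component is a symlink, instead of writing through it. */
int open_log_nofollow(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_APPEND | O_NOFOLLOW, 0600);
}

int main(void)
{
    char path[4096];
    int fd = make_scratch_file(path, sizeof(path));
    if (fd < 0)
        return 1;
    printf("scratch file: %s\n", path);
    close(fd);
    return unlink(path) != 0;
}
```

O_NOFOLLOW only checks the last path component and does not stop another user from pre-creating the file, so a default under $(HOME), as the message suggests, remains the safer choice for the log.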