From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:42055)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <flukshun@gmail.com>) id 1UbuOW-0007nY-G6
	for qemu-devel@nongnu.org; Mon, 13 May 2013 11:10:33 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <flukshun@gmail.com>) id 1UbuOV-0004hZ-5J
	for qemu-devel@nongnu.org; Mon, 13 May 2013 11:10:32 -0400
Received: from mail-ia0-x22d.google.com ([2607:f8b0:4001:c02::22d]:51348)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <flukshun@gmail.com>) id 1UbuOU-0004hT-Ui
	for qemu-devel@nongnu.org; Mon, 13 May 2013 11:10:31 -0400
Received: by mail-ia0-f173.google.com with SMTP id k20so799690iak.18
	for <qemu-devel@nongnu.org>; Mon, 13 May 2013 08:10:30 -0700 (PDT)
Sender: fluxion <flukshun@gmail.com>
From: Michael Roth <mdroth@linux.vnet.ibm.com>
Date: Mon, 13 May 2013 10:08:21 -0500
Message-Id: <1368457703-30663-1-git-send-email-mdroth@linux.vnet.ibm.com>
Subject: [Qemu-devel] [PULL for-1.5] qemu-ga CVE-2013-2007 addenda
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: aliguori@us.ibm.com, lersek@redhat.com

Hi Anthony,

These are fix-ups for Laszlo's CVE-2013-2007 fix:

http://www.mail-archive.com/qemu-devel@nongnu.org/msg170944.html

The main effect is to avoid cluttering filesystems with empty files if
we hit an error path in the open/create/chmod path.

I'm unable to confirm whether or not these error paths can actually be
triggered in 1.5 or are just theoretical, but I plan to apply these to
1.4.2 to be sure and so I'm also submitting this for 1.5.

If you think it's too late in the cycle to warrant these for 1.5 I can
also cherry-pick them from my QGA tree for 1.4.2 instead.

The following changes since commit 38ebb396c955ceb2ef7e246248ceb7f8bfe1b774:

  target-i386: ROR r8/r16 imm instruction fix (2013-05-10 19:59:54 +0200)

are available in the git repository at:

  http://github.com/mdroth/qemu qga-pull-2013-05-13

for you to fetch changes up to 2b720018060179b394f8ce736983373ab80dd37c:

  qga: unlink just created guest-file if fchmod() or fdopen() fails on it (2013-05-13 09:45:49 -0500)

----------------------------------------------------------------
Laszlo Ersek (2):
      qga: distinguish binary modes in "guest_file_open_modes" map
      qga: unlink just created guest-file if fchmod() or fdopen() fails on it

 qga/commands-posix.c |   25 +++++++++++++++++++------
 1 file changed, 19 insertions(+), 6 deletions(-)