From: Tim <tim-qemu@sentinelchicken.org>
To: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH] Security house-cleaning
Date: Thu, 17 Jun 2004 09:05:27 -0700 [thread overview]
Message-ID: <20040617160526.GA20148@sentinelchicken.org> (raw)
In-Reply-To: <1087484840.21569.108.camel@sherbert>
> Thats only worrisome from a security perspective if qemu was designed to
> run SUID, which I doubt that it is... Of course it's a bug and needs
> fixing though.
Yes, I agree on both points. There is little I can offer to this
project right now, besides testing, and general code cleanup. I know
almost nothing about hardware emulation, so just trying to help out with
what I know...
> What would be more worrying is if there were overflows in the packet
> processing allowing (possibly compromised) guest OS or remote machines
> to take over qemu process by sending an exploit in a malformed packet.
Agreed. The slirp code in particular worries me in this respect.
> A quick note on the patch: where you are replacing strcpy() with
> strncpy(), you are better to use snprintf(buf, sizeof(buf), "%s",
> input); as that guarantees nul termination. It also allows you to easily
> check if input was truncated, in some cases, silent truncation could be
> a bug.
Ahh, good point. However, if you specify a size one less than the size
of your buffer, I believe strncpy fills the rest of your buffer w/
nulls, doesn't it? Or is that OS-specific? So far, I have been keeping
my size in strncpy() one less than the buffer size (see the 256->255
change on one particular buffer, or instance). However, this method is
prone to off-by-one bugs, so I might switch to snprintf() in some cases,
as you suggest.
> PS. Could you send README and patch as 2 attachments next time, dealing
> with attachments, and archives is a PITA when u just want to skim a
> patch :)
Sure thing, I'll do that next time.
Thanks for the input!
tim
next prev parent reply other threads:[~2004-06-17 16:05 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-06-17 4:38 [Qemu-devel] [PATCH] Security house-cleaning Tim
2004-06-17 15:07 ` Gianni Tedesco
2004-06-17 15:14 ` Renzo Davoli
2004-06-17 15:24 ` Panagiotis Issaris
2004-06-17 15:27 ` Sebastien Bechet
2004-06-17 16:37 ` Tim
2004-06-17 17:03 ` Sander Nagtegaal
2004-06-17 17:16 ` Gianni Tedesco
2004-06-17 19:59 ` Renzo Davoli
2004-06-17 16:05 ` Tim [this message]
2004-06-17 17:41 ` Gianni Tedesco
2004-06-18 4:13 ` Tim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040617160526.GA20148@sentinelchicken.org \
--to=tim-qemu@sentinelchicken.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).