* [PATCH] qga: fix leak of base64 decoded data on command error
@ 2021-08-09 13:10 Daniel P. Berrangé
2021-08-09 13:34 ` Marc-André Lureau
0 siblings, 1 reply; 2+ messages in thread
From: Daniel P. Berrangé @ 2021-08-09 13:10 UTC (permalink / raw)
To: qemu-devel; +Cc: Michael Roth, Daniel P. Berrangé, Peter Maydell
If the guest command fails to be spawned, then we would leak the decoded
base64 input used for the command's stdin feed.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
qga/commands.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/qga/commands.c b/qga/commands.c
index a6491d2cf8..80501e4a73 100644
--- a/qga/commands.c
+++ b/qga/commands.c
@@ -402,7 +402,7 @@ GuestExec *qmp_guest_exec(const char *path,
GIOChannel *in_ch, *out_ch, *err_ch;
GSpawnFlags flags;
bool has_output = (has_capture_output && capture_output);
- uint8_t *input = NULL;
+ g_autofree uint8_t *input = NULL;
size_t ninput = 0;
arglist.value = (char *)path;
@@ -441,7 +441,7 @@ GuestExec *qmp_guest_exec(const char *path,
g_child_watch_add(pid, guest_exec_child_watch, gei);
if (has_input_data) {
- gei->in.data = input;
+ gei->in.data = g_steal_pointer(&input);
gei->in.size = ninput;
#ifdef G_OS_WIN32
in_ch = g_io_channel_win32_new_fd(in_fd);
--
2.31.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] qga: fix leak of base64 decoded data on command error
2021-08-09 13:10 [PATCH] qga: fix leak of base64 decoded data on command error Daniel P. Berrangé
@ 2021-08-09 13:34 ` Marc-André Lureau
0 siblings, 0 replies; 2+ messages in thread
From: Marc-André Lureau @ 2021-08-09 13:34 UTC (permalink / raw)
To: Daniel P. Berrangé; +Cc: Michael Roth, QEMU, Peter Maydell
[-- Attachment #1: Type: text/plain, Size: 1323 bytes --]
On Mon, Aug 9, 2021 at 5:11 PM Daniel P. Berrangé <berrange@redhat.com>
wrote:
> If the guest command fails to be spawned, then we would leak the decoded
> base64 input used for the command's stdin feed.
>
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
---
> qga/commands.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/qga/commands.c b/qga/commands.c
> index a6491d2cf8..80501e4a73 100644
> --- a/qga/commands.c
> +++ b/qga/commands.c
> @@ -402,7 +402,7 @@ GuestExec *qmp_guest_exec(const char *path,
> GIOChannel *in_ch, *out_ch, *err_ch;
> GSpawnFlags flags;
> bool has_output = (has_capture_output && capture_output);
> - uint8_t *input = NULL;
> + g_autofree uint8_t *input = NULL;
> size_t ninput = 0;
>
> arglist.value = (char *)path;
> @@ -441,7 +441,7 @@ GuestExec *qmp_guest_exec(const char *path,
> g_child_watch_add(pid, guest_exec_child_watch, gei);
>
> if (has_input_data) {
> - gei->in.data = input;
> + gei->in.data = g_steal_pointer(&input);
> gei->in.size = ninput;
> #ifdef G_OS_WIN32
> in_ch = g_io_channel_win32_new_fd(in_fd);
> --
> 2.31.1
>
>
>
--
Marc-André Lureau
[-- Attachment #2: Type: text/html, Size: 2123 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-08-09 13:36 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-08-09 13:10 [PATCH] qga: fix leak of base64 decoded data on command error Daniel P. Berrangé
2021-08-09 13:34 ` Marc-André Lureau
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).