From: Matthew Daley <mattd@bugfuzz.com>
To: xen-devel@lists.xen.org
Cc: Matthew Daley <mattd@bugfuzz.com>,
Ian Jackson <ian.jackson@eu.citrix.com>,
Ian Campbell <ian.campbell@citrix.com>,
Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Subject: [PATCH 11/13] libxl: use pipe instead of temporary file for VNC viewer --autopass
Date: Sun, 1 Dec 2013 23:15:05 +1300 [thread overview]
Message-ID: <1385892907-20084-12-git-send-email-mattd@bugfuzz.com> (raw)
In-Reply-To: <1385892907-20084-1-git-send-email-mattd@bugfuzz.com>
Coverity was complaining about the permissions implicitly set on the
temporary file used to pass the VNC password to the viewer when using
the --autopass feature. By replacing the use of the temporary file
with a pipe, we fix the problem (well, quiesce Coverity at least), tidy
the code and remove the buildup of temporary file cruft all at once.
Tested with TightVNC.
Coverity-ID: 1055958
Signed-off-by: Matthew Daley <mattd@bugfuzz.com>
---
tools/libxl/libxl.c | 30 +++++++++++-------------------
1 file changed, 11 insertions(+), 19 deletions(-)
diff --git a/tools/libxl/libxl.c b/tools/libxl/libxl.c
index ca4c2cd..41b8f60 100644
--- a/tools/libxl/libxl.c
+++ b/tools/libxl/libxl.c
@@ -1623,7 +1623,7 @@ int libxl_vncviewer_exec(libxl_ctx *ctx, uint32_t domid, int autopass)
GC_INIT(ctx);
const char *vnc_port;
const char *vnc_listen = NULL, *vnc_pass = NULL;
- int port = 0, autopass_fd = -1;
+ int port = 0, autopass_fds[2] = {-1, -1};
char *vnc_bin, *args[] = {
"vncviewer",
NULL, /* hostname:display */
@@ -1655,38 +1655,30 @@ int libxl_vncviewer_exec(libxl_ctx *ctx, uint32_t domid, int autopass)
args[1] = libxl__sprintf(gc, "%s:%d", vnc_listen, port);
if ( vnc_pass ) {
- char tmpname[] = "/tmp/vncautopass.XXXXXX";
- autopass_fd = mkstemp(tmpname);
- if ( autopass_fd < 0 ) {
- LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR,
- "mkstemp %s failed", tmpname);
- goto x_fail;
- }
-
- if ( unlink(tmpname) ) {
- /* should never happen */
- LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR,
- "unlink %s failed", tmpname);
+ if ( pipe(autopass_fds) < 0 ) {
+ LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "pipe failed");
goto x_fail;
}
- if ( libxl_write_exactly(ctx, autopass_fd, vnc_pass, strlen(vnc_pass),
- tmpname, "vnc password") )
+ if ( libxl_write_exactly(ctx, autopass_fds[1], vnc_pass, strlen(vnc_pass),
+ "(pipe)", "vnc password") )
goto x_fail;
- if ( lseek(autopass_fd, SEEK_SET, 0) ) {
- LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR,
- "rewind %s (autopass) failed", tmpname);
+ if ( close(autopass_fds[1]) < 0 ) {
+ autopass_fds[1] = -1;
goto x_fail;
}
+ autopass_fds[1] = -1;
args[2] = "-autopass";
}
- libxl__exec(gc, autopass_fd, -1, -1, args[0], args, NULL);
+ libxl__exec(gc, autopass_fds[0], -1, -1, args[0], args, NULL);
abort();
x_fail:
+ if ( autopass_fds[0] >= 0 ) close(autopass_fds[0]);
+ if ( autopass_fds[1] >= 0 ) close(autopass_fds[1]);
GC_FREE;
return ERROR_FAIL;
}
--
1.7.10.4
next prev parent reply other threads:[~2013-12-01 10:15 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-01 10:14 [PATCH 00/13] Coverity fixes for libxl Matthew Daley
2013-12-01 10:14 ` [PATCH 01/13] libxl: fix unsigned less-than-0 comparison in e820_sanitize Matthew Daley
2013-12-13 5:54 ` Matthew Daley
2013-12-13 13:23 ` Andrew Cooper
2013-12-13 17:31 ` Ian Jackson
2013-12-01 10:14 ` [PATCH 02/13] libxl: check for xc_domain_setmaxmem failure in libxl__build_pre Matthew Daley
2013-12-02 11:55 ` Ian Jackson
2013-12-02 12:11 ` [PATCH 02/13 v2] " Matthew Daley
2013-12-13 5:53 ` Matthew Daley
2013-12-13 10:17 ` Dario Faggioli
2013-12-13 17:23 ` Ian Jackson
2013-12-01 10:14 ` [PATCH 03/13] libxl: correct file open success check in libxl__device_pci_reset Matthew Daley
2013-12-02 11:57 ` Ian Jackson
2013-12-01 10:14 ` [PATCH 04/13] libxl: don't leak p in libxl__wait_for_backend Matthew Daley
2013-12-01 11:53 ` Andrew Cooper
2013-12-01 23:17 ` Matthew Daley
2013-12-02 0:27 ` [PATCH 04/13 v2] " Matthew Daley
2013-12-02 0:42 ` Andrew Cooper
2013-12-02 0:46 ` Matthew Daley
2013-12-02 0:52 ` Andrew Cooper
2013-12-02 12:00 ` Ian Jackson
2014-01-09 14:51 ` Ian Jackson
2013-12-01 10:14 ` [PATCH 05/13] libxl: remove unsigned less-than-0 comparison Matthew Daley
2013-12-02 12:05 ` Ian Jackson
2013-12-01 10:15 ` [PATCH 06/13] libxl: actually abort if initializing a ctx's lock fails Matthew Daley
2013-12-02 12:05 ` Ian Jackson
2013-12-01 10:15 ` [PATCH 07/13] libxl: don't leak output vcpu info on error in libxl_list_vcpu Matthew Daley
2013-12-02 12:05 ` Ian Jackson
2013-12-01 10:15 ` [PATCH 08/13] libxl: don't leak ptr in libxl_list_vm error case Matthew Daley
2013-12-01 12:20 ` Andrew Cooper
2013-12-02 0:30 ` Matthew Daley
2013-12-02 0:37 ` [PATCH 08/13 v2] " Matthew Daley
2013-12-02 0:39 ` Andrew Cooper
2013-12-02 2:58 ` [PATCH 08/13 v3] " Matthew Daley
2013-12-02 10:35 ` Andrew Cooper
2013-12-02 10:47 ` Matthew Daley
2013-12-02 10:50 ` Ian Campbell
2013-12-02 11:05 ` [PATCH 08/13 v4] " Matthew Daley
2013-12-02 11:10 ` Andrew Cooper
2013-12-02 12:08 ` Ian Jackson
2013-12-02 12:19 ` Matthew Daley
2013-12-02 15:03 ` Ian Jackson
2013-12-03 1:29 ` [PATCH 08/13 v5] " Matthew Daley
2013-12-03 10:21 ` Ian Campbell
2013-12-03 10:30 ` Andrew Cooper
2013-12-13 16:52 ` [PATCH 08/13 v5] libxl: don't leak ptr in libxl_list_vm error case [and 1 more messages] Ian Jackson
2013-12-13 17:05 ` Andrew Cooper
2013-12-13 17:21 ` Ian Jackson
2013-12-13 23:22 ` Matthew Daley
2013-12-13 23:26 ` Matthew Daley
2013-12-16 11:57 ` Ian Jackson
2013-12-14 1:15 ` [PATCH] xl: check for libxl_list_vm failure in print_uptime Matthew Daley
2013-12-16 11:57 ` Ian Jackson
2013-12-16 11:58 ` Ian Jackson
2013-12-13 5:52 ` [PATCH 08/13 v5] libxl: don't leak ptr in libxl_list_vm error case Matthew Daley
2013-12-01 10:15 ` [PATCH 09/13] libxl: don't leak pcidevs in libxl_pcidev_assignable Matthew Daley
2013-12-02 12:15 ` Ian Jackson
2013-12-01 10:15 ` [PATCH 10/13] libxl: don't try to fclose file twice on error in libxl_userdata_store Matthew Daley
2013-12-02 12:14 ` Ian Jackson
2013-12-02 12:24 ` Matthew Daley
2013-12-02 15:04 ` Ian Jackson
2013-12-02 23:56 ` [PATCH 10/13 v2] " Matthew Daley
2013-12-03 0:00 ` [PATCH 10/13 v3] " Matthew Daley
2013-12-03 17:28 ` Ian Jackson
2013-12-01 10:15 ` Matthew Daley [this message]
2013-12-02 12:22 ` [PATCH 11/13] libxl: use pipe instead of temporary file for VNC viewer --autopass Ian Jackson
2013-12-02 12:34 ` Matthew Daley
2013-12-01 10:15 ` [PATCH 12/13] libxl: don't leak buf in libxl_xen_console_read_start error handling Matthew Daley
2013-12-02 12:25 ` Ian Jackson
2013-12-03 1:01 ` [PATCH 12/13 v2] " Matthew Daley
2013-12-03 17:26 ` Ian Jackson
2013-12-01 10:15 ` [PATCH 13/13] libxl: replace for loop with more idiomatic do-while loop Matthew Daley
2013-12-02 12:26 ` Ian Jackson
2013-12-02 12:46 ` Matthew Daley
2013-12-01 12:22 ` [PATCH 00/13] Coverity fixes for libxl Andrew Cooper
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1385892907-20084-12-git-send-email-mattd@bugfuzz.com \
--to=mattd@bugfuzz.com \
--cc=ian.campbell@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=stefano.stabellini@eu.citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).