[libvirt] [PATCH 3/4] api: disallow virConnectGetDomainCapabilities on read-only connections

Thursday, 20 June 2019

This API can be used to execute arbitrary emulators.
Forbid it on read-only connections.

Fixes: CVE-2019-10167
Signed-off-by: Ján Tomko <jtomko(a)redhat.com&gt;
Reviewed-by: Daniel P. Berrangé <berrange(a)redhat.com&gt;
---
 src/libvirt-domain.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
index 6355f497ce..50767a75ed 100644
--- a/src/libvirt-domain.c
+++ b/src/libvirt-domain.c
@@ -11367,6 +11367,7 @@ virConnectGetDomainCapabilities(virConnectPtr conn,
     virResetLastError();
 
     virCheckConnectReturn(conn, NULL);
+    virCheckReadOnlyGoto(conn->flags, error);
 
     if (conn->driver->connectGetDomainCapabilities) {
         char *ret;
-- 
2.20.1


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[libvirt] [PATCH 3/4] api: disallow virConnectGetDomainCapabilities on read-only connections