Re: [libvirt] [PATCH 08/10] util: Introduce 'virpin' module for dealing with PIN numbers

In https://www.redhat.com/archives/libvir-list/2019-February/msg01475.html I was notified that I forgot to deal with the possibility that the JSON number would contain jtomko's PIN number. I had to look around for a leaked list of PIN numbers to avoid the problem described in the review. This commit implements a checker which will allow deciding when to nuke the JSON number string. We obviously have to spare a few CPU cycles to make Jano feel safer. --- src/libvirt_private.syms | 4 + src/util/Makefile.inc.am | 2 + src/util/virpin.c | 1053 ++++++++++++++++++++++++++++++++++++++ src/util/virpin.h | 30 ++ tests/utiltest.c | 30 ++ 5 files changed, 1119 insertions(+) create mode 100644 src/util/virpin.c create mode 100644 src/util/virpin.h

+/* This is a list of leaked pin codes obtained from + * https://pastebin.com/2qbRKh3R which I've found on the dark web. */

+static const char *virPinList[] = {

+"1190", "1191", "1192", "1193", "1194", "1195", "1196", "1197", "1198", "1199", +"1200", "1201", "1202", "1203", "1204", "1205", "1206", "1207", "1208", "1209", +"1210", "1211", "1212", "1213", "1214", "1215", "1216", "1217", "1218", "1219", +"1220", "1221", "1222", "1223", "1224", "1225", "1226", "1227", "1228", "1229", +"1230", "1231", "1232", "1233", "1234", "1235", "1236", "1237", "1238", "1239",

+"1240", "1241", "1242", "1243", "1244", "1245", "1246", "1247", "1248", "1249", +"1250", "1251", "1252", "1253", "1254", "1255", "1256", "1257", "1258", "1259", +"1260", "1261", "1262", "1263", "1264", "1265", "1266", "1267", "1268", "1269", +"1270", "1271", "1272", "1273", "1274", "1275", "1276", "1277", "1278", "1279", +"1280", "1281", "1282", "1283", "1284", "1285", "1286", "1287", "1288", "1289", +"1290", "1291", "1292", "1293", "1294", "1295", "1296", "1297", "1298", "1299",