7 Dec
2010
7 Dec
'10
11:04 p.m.
On 12/07/2010 02:49 PM, Matthias Bolte wrote:
2010/12/7 Eric Blake <eblake@redhat.com>:
* src/openvz/openvz_conf.c (openvzLoadDomains): Replace unsafe sscanf with safe direct parsing. (openvzGetVEID): Avoid lost integer overflow detection. (openvzAssignUUIDs): Likewise, and detect readdir failure. ---
v2: new patch; plugs a potential security hole, since *scanf("%s",fixed_width_buffer) is exploitable, but the exploit could only happen if /usr/sbin/vzlist is compromised.
src/openvz/openvz_conf.c | 39 +++++++++++++++++++++++++-------------- 1 files changed, 25 insertions(+), 14 deletions(-)
ACK.
Thanks; I've pushed the series. -- Eric Blake eblake@redhat.com +1-801-349-2682 Libvirt virtualization library http://libvirt.org