Re: [PATCH] network: ensure nparams is non-negative

On Tue, Apr 16, 2024 at 12:58:53PM +0200, Ján Tomko wrote:

On a Tuesday in 2024, Daniel P. Berrangé wrote:

...

The typed parameter array must be either 0, or a positive number.

Does this matter?

The API documentation says: * @nparams: pointer to received number of interface parameter

and it looks like we ignore the number as long as params is NULL.

This missing check is something I noticed when fixing the recent CVE about RPC checking nparams. In all other APIs we have such a virCheckNonNegativeArgGoto for '*nparams', this was the only one that was missing. I believe it is harmless in terms of risk to libvirt/libvirtd, but it might lead to better detection/reporting of bugs in apps.

...

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/libvirt-network.c | 2 ++ 1 file changed, 2 insertions(+)

diff --git a/src/libvirt-network.c b/src/libvirt-network.c index ef17a8a04d..e467716b6a 100644 --- a/src/libvirt-network.c +++ b/src/libvirt-network.c @@ -1577,6 +1577,8 @@ virNetworkPortGetParameters(virNetworkPortPtr port, virCheckNetworkPortReturn(port, -1); conn = port->net->conn;

+ virCheckNonNegativeArgGoto(*nparams, error); + if (conn->networkDriver && conn->networkDriver->networkPortGetParameters) { int ret; ret = conn->networkDriver->networkPortGetParameters(port, params, nparams, flags); -- 2.43.0 _______________________________________________ Devel mailing list -- devel@lists.libvirt.org To unsubscribe send an email to devel-leave@lists.libvirt.org

With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|