36 lines
1.4 KiB
Diff
36 lines
1.4 KiB
Diff
|
commit e4697b92abaad16e8e6b41a1e55be9b084d48d5a
|
||
|
Author: Daniel P. Berrange <berrange@redhat.com>
|
||
|
Date: Mon Sep 23 12:46:25 2013 +0100
|
||
|
|
||
|
Fix typo in identity code which is pre-requisite for CVE-2013-4311
|
||
|
|
||
|
The fix for CVE-2013-4311 had a pre-requisite enhancement
|
||
|
to the identity code
|
||
|
|
||
|
commit db7a5688c05f3fd60d9d2b74c72427eb9ee9c176
|
||
|
Author: Daniel P. Berrange <berrange@redhat.com>
|
||
|
Date: Thu Aug 22 16:00:01 2013 +0100
|
||
|
|
||
|
Also store user & group ID values in virIdentity
|
||
|
|
||
|
This had a typo which caused the group ID to overwrite the
|
||
|
user ID string. This meant any checks using this would have
|
||
|
the wrong ID value. This only affected the ACL code, not the
|
||
|
initial polkit auth. It also leaked memory.
|
||
|
|
||
|
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
||
|
|
||
|
Index: libvirt-1.1.2/src/rpc/virnetserverclient.c
|
||
|
===================================================================
|
||
|
--- libvirt-1.1.2.orig/src/rpc/virnetserverclient.c
|
||
|
+++ libvirt-1.1.2/src/rpc/virnetserverclient.c
|
||
|
@@ -678,7 +678,7 @@ virNetServerClientCreateIdentity(virNetS
|
||
|
goto cleanup;
|
||
|
if (!(groupname = virGetGroupName(gid)))
|
||
|
goto cleanup;
|
||
|
- if (virAsprintf(&userid, "%d", (int)gid) < 0)
|
||
|
+ if (virAsprintf(&groupid, "%d", (int)gid) < 0)
|
||
|
goto cleanup;
|
||
|
if (virAsprintf(&processid, "%llu",
|
||
|
(unsigned long long)pid) < 0)
|