rpm/libvirt
SHA256
1
0
Fork 0
forked from pool/libvirt
Code Pull Requests Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=33

Browse Source
This commit is contained in:
OBS User unknown 2008-12-18 14:36:11 +00:00 committed by Git OBS Bridge
parent cd748b2804
commit b090beae85
3 changed files with 141 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

129
cve-2008-5086.patch Normal file
View File

@ -0,0 +1,129 @@
Index: libvirt-0.4.6/src/libvirt.c
===================================================================
--- libvirt-0.4.6.orig/src/libvirt.c
+++ libvirt-0.4.6/src/libvirt.c
@@ -2342,6 +2342,16 @@ virDomainMigrate (virDomainPtr domain,
return NULL;
}
+ if (domain->conn->flags & VIR_CONNECT_RO) {
+ virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ return NULL;
+ }
+ if (dconn->flags & VIR_CONNECT_RO) {
+ /* NB, delibrately report error against source object, not dest here */
+ virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ return NULL;
+ }
+
/* Check that migration is supported by both drivers. */
if (!VIR_DRV_SUPPORTS_FEATURE (conn->driver, conn,
VIR_DRV_FEATURE_MIGRATION_V1) ||
@@ -2419,6 +2429,11 @@ __virDomainMigratePrepare (virConnectPtr
return -1;
}
+ if (dconn->flags & VIR_CONNECT_RO) {
+ virLibConnError(dconn, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ return -1;
+ }
+
if (dconn->driver->domainMigratePrepare)
return dconn->driver->domainMigratePrepare (dconn, cookie, cookielen,
uri_in, uri_out,
@@ -2449,6 +2464,11 @@ __virDomainMigratePerform (virDomainPtr
}
conn = domain->conn;
+ if (domain->conn->flags & VIR_CONNECT_RO) {
+ virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ return -1;
+ }
+
if (conn->driver->domainMigratePerform)
return conn->driver->domainMigratePerform (domain, cookie, cookielen,
uri,
@@ -2476,6 +2496,11 @@ __virDomainMigrateFinish (virConnectPtr
return NULL;
}
+ if (dconn->flags & VIR_CONNECT_RO) {
+ virLibConnError(dconn, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ return NULL;
+ }
+
if (dconn->driver->domainMigrateFinish)
return dconn->driver->domainMigrateFinish (dconn, dname,
cookie, cookielen,
@@ -2833,6 +2858,11 @@ virDomainBlockPeek (virDomainPtr dom,
}
conn = dom->conn;
+ if (dom->conn->flags & VIR_CONNECT_RO) {
+ virLibDomainError(dom, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ return (-1);
+ }
+
if (!path) {
virLibDomainError (dom, VIR_ERR_INVALID_ARG,
_("path is NULL"));
@@ -2908,6 +2938,11 @@ virDomainMemoryPeek (virDomainPtr dom,
}
conn = dom->conn;
+ if (dom->conn->flags & VIR_CONNECT_RO) {
+ virLibDomainError(dom, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ return (-1);
+ }
+
/* Flags must be VIR_MEMORY_VIRTUAL at the moment.
*
* Note on access to physical memory: A VIR_MEMORY_PHYSICAL flag is
@@ -3175,6 +3210,11 @@ virDomainSetAutostart(virDomainPtr domai
conn = domain->conn;
+ if (domain->conn->flags & VIR_CONNECT_RO) {
+ virLibDomainError(domain, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ return (-1);
+ }
+
if (conn->driver->domainSetAutostart)
return conn->driver->domainSetAutostart (domain, autostart);
@@ -4125,6 +4165,11 @@ virNetworkSetAutostart(virNetworkPtr net
return (-1);
}
+ if (network->conn->flags & VIR_CONNECT_RO) {
+ virLibNetworkError(network, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ return (-1);
+ }
+
conn = network->conn;
if (conn->networkDriver && conn->networkDriver->networkSetAutostart)
@@ -4323,6 +4368,11 @@ virConnectFindStoragePoolSources(virConn
return NULL;
}
+ if (conn->flags & VIR_CONNECT_RO) {
+ virLibConnError(conn, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ return NULL;
+ }
+
if (conn->storageDriver && conn->storageDriver->findPoolSources)
return conn->storageDriver->findPoolSources(conn, type, srcSpec, flags);
@@ -4996,6 +5046,11 @@ virStoragePoolSetAutostart(virStoragePoo
return (-1);
}
+ if (pool->conn->flags & VIR_CONNECT_RO) {
+ virLibStoragePoolError(pool, VIR_ERR_OPERATION_DENIED, __FUNCTION__);
+ return (-1);
+ }
+
conn = pool->conn;
if (conn->storageDriver && conn->storageDriver->poolSetAutostart)

6
libvirt.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Mon Dec 15 12:40:41 MST 2008 - jfehlig@novell.com
- Patch for CVE-2008-5086
bnc#459009
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Dec 5 13:52:31 MST 2008 - jfehlig@novell.com Fri Dec 5 13:52:31 MST 2008 - jfehlig@novell.com

7
libvirt.spec
View File

@ -49,7 +49,7 @@ License: LGPL v2.1 or later
Group: Development/Libraries/C and C++ Group: Development/Libraries/C and C++
AutoReqProv: yes AutoReqProv: yes
Version: 0.4.6 Version: 0.4.6
Release: 12 Release: 13
Summary: A C toolkit to interract with the virtualization capabilities of Linux Summary: A C toolkit to interract with the virtualization capabilities of Linux
Requires: readline Requires: readline
Requires: ncurses Requires: ncurses
@ -85,6 +85,7 @@ Patch15: suse-network.patch
Patch16: xen-pv-cdrom.patch Patch16: xen-pv-cdrom.patch
Patch17: detach-disk.patch Patch17: detach-disk.patch
Patch18: migrate-params.patch Patch18: migrate-params.patch
Patch19: cve-2008-5086.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description %description
@ -194,6 +195,7 @@ Authors:
%patch16 -p1 %patch16 -p1
%patch17 -p1 %patch17 -p1
%patch18 -p1 %patch18 -p1
%patch19 -p1
rm po/no.* rm po/no.*
%build %build
@ -326,6 +328,9 @@ rm -rf $RPM_BUILD_ROOT
%{py_sitedir}/libvirtmod* %{py_sitedir}/libvirtmod*
%changelog %changelog
* Mon Dec 15 2008 jfehlig@novell.com
- Patch for CVE-2008-5086
bnc#459009
* Fri Dec 05 2008 jfehlig@novell.com * Fri Dec 05 2008 jfehlig@novell.com
- Fix migration of Xen domains - Fix migration of Xen domains
bnc#456946 bnc#456946