qemu/9pfs at 5ee5993001cf32addb86a92e2ae8cb090fbc1462 - qemu - SynapseOS git

mirrors/qemu

History

Greg Kurz b003fc0d8a 9pfs: fix vulnerability in openat_dir() and local_unlinkat_common()

We should pass O_NOFOLLOW otherwise openat() will follow symlinks and make
QEMU vulnerable.

While here, we also fix local_unlinkat_common() to use openat_dir() for
the same reasons (it was a leftover in the original patchset actually).

This fixes CVE-2016-9602.

Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>

2017-03-06 17:34:01 +01:00

..

9p-handle.c

9pfs: add cleanup operation for handle backend driver

2016-11-23 13:53:34 +01:00

9p-local.c

9pfs: fix vulnerability in openat_dir() and local_unlinkat_common()

2017-03-06 17:34:01 +01:00

9p-local.h

9pfs: local: open/opendir: don't follow symlinks

2017-02-28 11:21:15 +01:00

9p-posix-acl.c

9pfs: local: lremovexattr: don't follow symlinks

2017-02-28 11:21:15 +01:00

9p-proxy.c

9pfs: add cleanup operation for proxy backend driver

2016-11-23 13:53:34 +01:00

9p-proxy.h

…

9p-synth.c

…

9p-synth.h

9pfs: fsdev: drop useless extern annotation for functions

2016-10-17 14:13:58 +02:00

9p-util.c

9pfs: local: lgetxattr: don't follow symlinks

2017-02-28 11:21:15 +01:00

9p-util.h

9pfs: fix vulnerability in openat_dir() and local_unlinkat_common()

2017-03-06 17:34:01 +01:00

9p-xattr-user.c

9pfs: local: lremovexattr: don't follow symlinks

2017-02-28 11:21:15 +01:00

9p-xattr.c

9pfs: local: lremovexattr: don't follow symlinks

2017-02-28 11:21:15 +01:00

9p-xattr.h

9pfs: local: lremovexattr: don't follow symlinks

2017-02-28 11:21:15 +01:00

9p.c

fsdev: add IO throttle support to fsdev devices

2017-02-28 10:31:46 +01:00

9p.h

9pfs: fix P9_NOTAG and P9_NOFID macros

2017-01-03 17:28:44 +01:00

codir.c

9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch]

2016-10-17 14:13:58 +02:00

cofile.c

fsdev: add IO throttle support to fsdev devices

2017-02-28 10:31:46 +01:00

cofs.c

9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch]

2016-10-17 14:13:58 +02:00

coth.c

coroutine: move entry argument to qemu_coroutine_create

2016-07-13 13:26:02 +02:00

coth.h

9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch]

2016-10-17 14:13:58 +02:00

coxattr.c

9pfs: use coroutine_fn annotation in hw/9pfs/co*.[ch]

2016-10-17 14:13:58 +02:00

Makefile.objs

9pfs: introduce relative_openat_nofollow() helper

2017-02-28 11:21:15 +01:00

trace-events

9pfs: limit xattr size in xattrcreate

2016-11-01 12:03:02 +01:00

virtio-9p-device.c

9pfs: introduce init_out/in_iov_from_pdu

2017-01-03 17:28:44 +01:00

virtio-9p.h

9pfs: introduce transport specific callbacks

2017-01-03 17:28:44 +01:00