Message ID | 1371542723-926-1-git-send-email-armbru@redhat.com |
---|---|
State | New |
Headers | show |
On Tue, Jun 18, 2013 at 10:05:23AM +0200, Markus Armbruster wrote: > Watch this: > > $ upstream-qemu -nodefaults -S -vnc :0,acl,sasl -monitor stdio > QEMU 1.5.50 monitor - type 'help' for more information > (qemu) acl_add vnc.username drei allow > acl: added rule at position 1 > (qemu) acl_show vnc.username > policy: deny > 1: allow drei > (qemu) acl_add vnc.username zwei allow 1 > acl: added rule at position 2 > (qemu) acl_show vnc.username > policy: deny > 1: allow drei > 2: allow zwei > (qemu) acl_add vnc.username eins allow 1 > acl: added rule at position 1 > (qemu) acl_show vnc.username > policy: deny > 1: allow eins > 2: allow drei > 3: allow zwei > > The second acl_add inserts at position 2 instead of 1. > > Root cause is an off-by-one in qemu_acl_insert(): when index == > acl->nentries, it appends instead of inserting before the last list > element. > > Cc: qemu-stable@nongnu.org > Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Michael Roth <mdroth@linux.vnet.ibm.com> > --- > util/acl.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/util/acl.c b/util/acl.c > index a7f33ff..938b7ae 100644 > --- a/util/acl.c > +++ b/util/acl.c > @@ -138,9 +138,9 @@ int qemu_acl_insert(qemu_acl *acl, > > if (index <= 0) > return -1; > - if (index >= acl->nentries) > + if (index > acl->nentries) { > return qemu_acl_append(acl, deny, match); > - > + } > > entry = g_malloc(sizeof(*entry)); > entry->match = g_strdup(match); > -- > 1.7.11.7 > >
18.06.2013 12:05, Markus Armbruster wrote: [] > The second acl_add inserts at position 2 instead of 1. > > Root cause is an off-by-one in qemu_acl_insert(): when index == > acl->nentries, it appends instead of inserting before the last list > element. Thanks, applied to the trivial patches queue. /mjt
Ping re 1.5.3 Markus Armbruster <armbru@redhat.com> writes: > Watch this: > > $ upstream-qemu -nodefaults -S -vnc :0,acl,sasl -monitor stdio > QEMU 1.5.50 monitor - type 'help' for more information > (qemu) acl_add vnc.username drei allow > acl: added rule at position 1 > (qemu) acl_show vnc.username > policy: deny > 1: allow drei > (qemu) acl_add vnc.username zwei allow 1 > acl: added rule at position 2 > (qemu) acl_show vnc.username > policy: deny > 1: allow drei > 2: allow zwei > (qemu) acl_add vnc.username eins allow 1 > acl: added rule at position 1 > (qemu) acl_show vnc.username > policy: deny > 1: allow eins > 2: allow drei > 3: allow zwei > > The second acl_add inserts at position 2 instead of 1. > > Root cause is an off-by-one in qemu_acl_insert(): when index == > acl->nentries, it appends instead of inserting before the last list > element. > > Cc: qemu-stable@nongnu.org > Signed-off-by: Markus Armbruster <armbru@redhat.com> > --- > util/acl.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/util/acl.c b/util/acl.c > index a7f33ff..938b7ae 100644 > --- a/util/acl.c > +++ b/util/acl.c > @@ -138,9 +138,9 @@ int qemu_acl_insert(qemu_acl *acl, > > if (index <= 0) > return -1; > - if (index >= acl->nentries) > + if (index > acl->nentries) { > return qemu_acl_append(acl, deny, match); > - > + } > > entry = g_malloc(sizeof(*entry)); > entry->match = g_strdup(match);
diff --git a/util/acl.c b/util/acl.c index a7f33ff..938b7ae 100644 --- a/util/acl.c +++ b/util/acl.c @@ -138,9 +138,9 @@ int qemu_acl_insert(qemu_acl *acl, if (index <= 0) return -1; - if (index >= acl->nentries) + if (index > acl->nentries) { return qemu_acl_append(acl, deny, match); - + } entry = g_malloc(sizeof(*entry)); entry->match = g_strdup(match);
Watch this: $ upstream-qemu -nodefaults -S -vnc :0,acl,sasl -monitor stdio QEMU 1.5.50 monitor - type 'help' for more information (qemu) acl_add vnc.username drei allow acl: added rule at position 1 (qemu) acl_show vnc.username policy: deny 1: allow drei (qemu) acl_add vnc.username zwei allow 1 acl: added rule at position 2 (qemu) acl_show vnc.username policy: deny 1: allow drei 2: allow zwei (qemu) acl_add vnc.username eins allow 1 acl: added rule at position 1 (qemu) acl_show vnc.username policy: deny 1: allow eins 2: allow drei 3: allow zwei The second acl_add inserts at position 2 instead of 1. Root cause is an off-by-one in qemu_acl_insert(): when index == acl->nentries, it appends instead of inserting before the last list element. Cc: qemu-stable@nongnu.org Signed-off-by: Markus Armbruster <armbru@redhat.com> --- util/acl.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)