| Message ID | 1368457703-30663-1-git-send-email-mdroth@linux.vnet.ibm.com |
|---|---|
| State | New |
| Headers | show
Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by ozlabs.org (Postfix) with ESMTPS id AB45C2C0092 for <incoming@patchwork.ozlabs.org>; Tue, 14 May 2013 01:11:08 +1000 (EST) Received: from localhost ([::1]:59524 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>) id 1UbuP4-0007t9-0S for incoming@patchwork.ozlabs.org; Mon, 13 May 2013 11:11:06 -0400 Received: from eggs.gnu.org ([208.118.235.92]:42055) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from <flukshun@gmail.com>) id 1UbuOW-0007nY-G6 for qemu-devel@nongnu.org; Mon, 13 May 2013 11:10:33 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from <flukshun@gmail.com>) id 1UbuOV-0004hZ-5J for qemu-devel@nongnu.org; Mon, 13 May 2013 11:10:32 -0400 Received: from mail-ia0-x22d.google.com ([2607:f8b0:4001:c02::22d]:51348) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <flukshun@gmail.com>) id 1UbuOU-0004hT-Ui for qemu-devel@nongnu.org; Mon, 13 May 2013 11:10:31 -0400 Received: by mail-ia0-f173.google.com with SMTP id k20so799690iak.18 for <qemu-devel@nongnu.org>; Mon, 13 May 2013 08:10:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:sender:from:to:cc:subject:date:message-id:x-mailer; bh=RFbSKwWeN5jP2cxLk3B/AT2coSv8YobJOFSFd9vHrI4=; b=x9ZvSs57AEg2++4e3WvoPnQqw4RweHqgL3hay0gKNTuuCRbcX2e7k3tnlgLOXQ0z0h RfMdDg9pILb9v0Sb4UVwo2jhmmp5+FRWqhXjfjPW/HQnlhqX0nm+qYSuK4D/wL4fIDer zivsitFNLhRDAbA2qKKI53tzMIk1GIvQSc1hg9iiforfIrvnNiga9TbG8fHQM771HXcO UILpt+ECbofi21SV17FohNyWEqJow7b7W/Gj6UJ+Oxxp/xZccdFObvLW5dW/GgzMO5wP fExzFGjrp+s1l3dn3AQg0/NeGGYMWfUi7yMoZ49v8q/ZFXdGz3a+mTMXDVvK2gGO6fRK EguQ== X-Received: by 10.50.127.242 with SMTP id nj18mr10337666igb.47.1368457830502; Mon, 13 May 2013 08:10:30 -0700 (PDT) Received: from localhost ([32.97.110.51]) by mx.google.com with ESMTPSA id b6sm18940575igv.5.2013.05.13.08.10.26 for <multiple recipients> (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Mon, 13 May 2013 08:10:27 -0700 (PDT) From: Michael Roth <mdroth@linux.vnet.ibm.com> To: qemu-devel@nongnu.org Date: Mon, 13 May 2013 10:08:21 -0500 Message-Id: <1368457703-30663-1-git-send-email-mdroth@linux.vnet.ibm.com> X-Mailer: git-send-email 1.7.9.5 X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2607:f8b0:4001:c02::22d Cc: aliguori@us.ibm.com, lersek@redhat.com Subject: [Qemu-devel] [PULL for-1.5] qemu-ga CVE-2013-2007 addenda X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: <qemu-devel.nongnu.org> List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>, <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe> List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel> List-Post: <mailto:qemu-devel@nongnu.org> List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help> List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>, <mailto:qemu-devel-request@nongnu.org?subject=subscribe> Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org |
Hi Anthony, These are fix-ups for Laszlo's CVE-2013-2007 fix: http://www.mail-archive.com/qemu-devel@nongnu.org/msg170944.html The main effect is to avoid cluttering filesystems with empty files if we hit an error path in the open/create/chmod path. I'm unable to confirm whether or not these error paths can actually be triggered in 1.5 or are just theoretical, but I plan to apply these to 1.4.2 to be sure and so I'm also submitting this for 1.5. If you think it's too late in the cycle to warrant these for 1.5 I can also cherry-pick them from my QGA tree for 1.4.2 instead. The following changes since commit 38ebb396c955ceb2ef7e246248ceb7f8bfe1b774: target-i386: ROR r8/r16 imm instruction fix (2013-05-10 19:59:54 +0200) are available in the git repository at: http://github.com/mdroth/qemu qga-pull-2013-05-13 for you to fetch changes up to 2b720018060179b394f8ce736983373ab80dd37c: qga: unlink just created guest-file if fchmod() or fdopen() fails on it (2013-05-13 09:45:49 -0500) ---------------------------------------------------------------- Laszlo Ersek (2): qga: distinguish binary modes in "guest_file_open_modes" map qga: unlink just created guest-file if fchmod() or fdopen() fails on it qga/commands-posix.c | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-)