direct-io.hg

changeset 14585:3375391fb0c9

hvm: Remove access to QEMU monitor in VNC server

This fixes a RHEL5 errata and CVE-2007-0998.

The monitor is still accessible in debug builds of ioemu (debug=y).

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
author kfraser@localhost.localdomain
date Tue Mar 27 16:23:52 2007 +0100 (2007-03-27)
parents a9a39cc52e74
children 96f167771979
files tools/ioemu/Makefile.target tools/ioemu/vnc.c
line diff
     1.1 --- a/tools/ioemu/Makefile.target	Tue Mar 27 16:19:25 2007 +0100
     1.2 +++ b/tools/ioemu/Makefile.target	Tue Mar 27 16:23:52 2007 +0100
     1.3 @@ -193,6 +193,10 @@ ifdef CONFIG_SOLARIS
     1.4  LIBS+=-lsocket -lnsl -lresolv
     1.5  endif
     1.6  
     1.7 +ifeq ($(debug),y)
     1.8 +CFLAGS += -DQEMU_VNC_MONITOR_EXPORT
     1.9 +endif
    1.10 +
    1.11  # profiling code
    1.12  ifdef TARGET_GPROF
    1.13  LDFLAGS+=-p
     2.1 --- a/tools/ioemu/vnc.c	Tue Mar 27 16:19:25 2007 +0100
     2.2 +++ b/tools/ioemu/vnc.c	Tue Mar 27 16:23:52 2007 +0100
     2.3 @@ -113,8 +113,10 @@ struct VncState
     2.4      int visible_w;
     2.5      int visible_h;
     2.6  
     2.7 +#ifdef QEMU_VNC_MONITOR_EXPORT
     2.8      int ctl_keys;               /* Ctrl+Alt starts calibration */
     2.9      int shift_keys;             /* Shift / CapsLock keys */
    2.10 +#endif
    2.11      int numlock;
    2.12  };
    2.13  
    2.14 @@ -895,6 +897,7 @@ static void do_key_event(VncState *vs, i
    2.15  	    kbd_put_keycode(keycode & 0x7f);
    2.16  	else
    2.17  	    kbd_put_keycode(keycode | 0x80);
    2.18 +#ifdef QEMU_VNC_MONITOR_EXPORT
    2.19      } else if (down) {
    2.20  	int qemu_keysym = 0;
    2.21  
    2.22 @@ -922,8 +925,10 @@ static void do_key_event(VncState *vs, i
    2.23  	}
    2.24  	if (qemu_keysym != 0)
    2.25  	    kbd_put_keysym(qemu_keysym);
    2.26 +#endif
    2.27      }
    2.28  
    2.29 +#ifdef QEMU_VNC_MONITOR_EXPORT
    2.30      if (down) {
    2.31  	switch (sym) {
    2.32  	case XK_Control_L:
    2.33 @@ -976,6 +981,10 @@ static void do_key_event(VncState *vs, i
    2.34  	    break;
    2.35  	}
    2.36      }
    2.37 +#else
    2.38 +    if (!down && sym == XK_Num_Lock)
    2.39 +        vs->numlock = !vs->numlock;
    2.40 +#endif
    2.41  }
    2.42  
    2.43  static void key_event(VncState *vs, int down, uint32_t sym)