direct-io.hg

changeset 12373:d108efc94de7

[XENSTORED] Fix errno 'leak' in xenstored.

In certain cases, when a client doesn't have enough permissions, the
errno variable is not set in xenstored_core.c before its value is
reported back. As a result, the client can learn about the errno of
the last failed request to xenstored (which could have come from
another client). (An unintended information channel! :-)

From: Magnus Carlsson <magnus@galois.com>
Signed-off-by: Keir Fraser <keir@xensource.com>
author kaf24@localhost.localdomain
date Sat Nov 11 01:23:11 2006 +0000 (2006-11-11)
parents ddb3581f4f1c
children 825be74657c3
files tools/xenstore/xenstored_core.c
line diff
     1.1 --- a/tools/xenstore/xenstored_core.c	Sat Nov 11 01:19:26 2006 +0000
     1.2 +++ b/tools/xenstore/xenstored_core.c	Sat Nov 11 01:23:11 2006 +0000
     1.3 @@ -575,8 +575,10 @@ struct node *get_node(struct connection 
     1.4  	/* If we don't have permission, we don't have node. */
     1.5  	if (node) {
     1.6  		if ((perm_for_conn(conn, node->perms, node->num_perms) & perm)
     1.7 -		    != perm)
     1.8 +		    != perm) {
     1.9 +			errno = EACCES;
    1.10  			node = NULL;
    1.11 +		}
    1.12  	}
    1.13  	/* Clean up errno if they weren't supposed to know. */
    1.14  	if (!node)