xenbits.xensource.com Git - xen.git/commit

author	Ian Campbell <ian.campbell@citrix.com>
	Wed, 30 Oct 2013 08:52:30 +0000 (09:52 +0100)
committer	Jan Beulich <jbeulich@suse.com>
	Wed, 30 Oct 2013 08:52:30 +0000 (09:52 +0100)
commit	5cd1c730438c3c2cf164dd99a93627d3bcef2b9f
tree	2f83433a052fef34f7ae243600aa8884df718cf2	tree
parent	5ceec62beb350d37515341f400b170c5425d065f	commit \| diff

tools: xenstored: if the reply is too big then send E2BIG error

This fixes the issue for both C and ocaml xenstored, however only the ocaml
xenstored is vulnerable in its default configuration.

Adding a new error appears to be safe, since bit libxenstore and the Linux
driver at least treat an unknown error code as EINVAL.

This is XSA-72 / CVE-2013-4416.

Original ocaml patch by Jerome Maloberti <jerome.maloberti@citrix.com>
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Thomas Sanders <thomas.sanders@citrix.com>
master commit: 8b2c441a1b53a43a38b3c517e28f239da3349872
master date: 2013-10-29 15:45:53 +0000

tools/ocaml/xenstored/connection.ml		diff \| blob \| blame \| history
tools/xenstore/xenstored_core.c		diff \| blob \| blame \| history
xen/include/public/io/xs_wire.h		diff \| blob \| blame \| history