]> xenbits.xensource.com Git - qemu-xen-traditional.git/commit
projects / qemu-xen-traditional.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: df553c0) | patch
main loop: Big hammer to fix logfile disk DoS in Xen setups
authorIan Jackson <ian.jackson@eu.citrix.com>
Thu, 19 May 2016 18:38:35 +0000 (19:38 +0100)
committerIan Jackson <Ian.Jackson@eu.citrix.com>
Fri, 10 Jun 2016 10:48:46 +0000 (11:48 +0100)
commit6e20809727261599e8527c456eb078c0e89139a1
tree50c29d76997d2c67d3e8c432f148403eedb0f029tree
parentdf553c056104e3dd8a2bd2e72539a57c4c085baecommit | diff
main loop: Big hammer to fix logfile disk DoS in Xen setups

Each time round the main loop, we now fstat stderr.  If it is too big,
we dup2 /dev/null onto it.  This is not a very pretty patch but it is
very simple, easy to see that it's correct, and has a low risk of
collateral damage.

There is no limit by default but can be adjusted by setting a new
environment variable.

This is part of CVE-2014-3672.

Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Tested-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Set the default to 0 so that it won't affect non-xen installation. The
limit will be set by Xen toolstack.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
(ad-hoc cherry-pick from 44a072f0de0d57c95c2212bbce02888832b7b74f)
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
vl.c diff | blob | blame | history
qemu-xen-traditional tree