api: disallow virDomainGetHostname for read-only connections

The virDomainGetHostname API is fetching guest information and this may involve use of an untrusted guest agent. As such its use must be forbidden on a read-only connection to libvirt. Fixes CVE-2019-3886 Reviewed-by: N Jim Fehlig <jfehlig@suse.com> Signed-off-by: N Daniel P. Berrangé <berrange@redhat.com>

api: disallow virDomainGetHostname for read-only connections
The virDomainGetHostname API is fetching guest information and this may involve use of an untrusted guest agent. As such its use must be forbidden on a read-only connection to libvirt. Fixes CVE-2019-3886 Reviewed-by: N Jim Fehlig <jfehlig@suse.com> Signed-off-by: N Daniel P. Berrangé <berrange@redhat.com>
2a07c990 · Daniel P. Berrangé · ec59a95a · 2a07c990
隐藏空白更改
内联并排

Showing with 2 addition and 0 deletion

src/libvirt-domain.c src/libvirt-domain.c +2 -0

未找到文件。
--- a/src/libvirt-domain.c
+++ b/src/libvirt-domain.c
@@ -11031,6 +11031,8 @@ virDomainGetHostname(virDomainPtr domain, unsigned int flags)
    virCheckDomainReturn(domain, NULL);
    conn = domain->conn;

+    virCheckReadOnlyGoto(domain->conn->flags, error);
+
    if (conn->driver->domainGetHostname) {
        char *ret;
        ret = conn->driver->domainGetHostname(domain, flags);