api: disallow virDomainManagedSaveDefineXML on read-only connections

The virDomainManagedSaveDefineXML can be used to alter the domain's config used for managedsave or even execute arbitrary emulator binaries. Forbid it on read-only connections. Fixes: CVE-2019-10166 Reported-by: N Matthias Gerstner <mgerstner@suse.de> Signed-off-by: N Ján Tomko <jtomko@redhat.com> Reviewed-by: N Daniel P. Berrangé <berrange@redhat.com> (cherry picked from commit db0b7845) Signed-off-by: N Ján Tomko <jtomko@redhat.com>

api: disallow virDomainManagedSaveDefineXML on read-only connections
The virDomainManagedSaveDefineXML can be used to alter the domain's config used for managedsave or even execute arbitrary emulator binaries. Forbid it on read-only connections. Fixes: CVE-2019-10166 Reported-by: N Matthias Gerstner <mgerstner@suse.de> Signed-off-by: N Ján Tomko <jtomko@redhat.com> Reviewed-by: N Daniel P. Berrangé <berrange@redhat.com> (cherry picked from commit db0b7845) Signed-off-by: N Ján Tomko <jtomko@redhat.com>
d9a1f3de · Ján Tomko · 1f8129c5 · d9a1f3de
隐藏空白更改
内联并排

Showing with 1 addition and 0 deletion

src/libvirt-domain.c src/libvirt-domain.c +1 -0

未找到文件。
--- a/src/libvirt-domain.c
+++ b/src/libvirt-domain.c
@@ -9424,6 +9424,7 @@ virDomainManagedSaveDefineXML(virDomainPtr domain, const char *dxml,

    virCheckDomainReturn(domain, -1);
    conn = domain->conn;
+    virCheckReadOnlyGoto(conn->flags, error);

    if (conn->driver->domainManagedSaveDefineXML) {
        int ret;