提交
dab6391f
编写于
4月 01, 2009
作者:
Daniel P. Berrange
Sanitize symlink resolution
上级
9a471495
变更
6
Showing
6 changed file
with
83 addition
and
28 deletion
+83
-28
ChangeLog
ChangeLog
+9
-0
src/libvirt_private.syms
src/libvirt_private.syms
+1
-0
src/security_selinux.c
src/security_selinux.c
+10
-14
src/storage_backend_disk.c
src/storage_backend_disk.c
+13
-14
src/util.c
src/util.c
+47
-0
src/util.h
src/util.h
+3
-0
ChangeLog
Wed Apr 1 11:22:22 BST 2009 Daniel P. Berrange <berrange@redhat.com>
Sanitise symlink resolving
* src/libvirt_private.syms: Add virFileResolveLink
* src/util.c, src/util.h: Add convenient virFileResolveLink
for reading symlink destination safely
* src/storage_backend_disk.c, src/security_selinux.c: Switch
over to calling virFileResolveLink
Wed Apr 1 11:18:22 BST 2009 Daniel P. Berrange <berrange@redhat.com>
Wed Apr 1 11:18:22 BST 2009 Daniel P. Berrange <berrange@redhat.com>
Misc memory handling fixes
Misc memory handling fixes
...
...
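--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -306,6 +306,7 @@ virStrToLong_ll;
 virStrToLong_ull;
 virStrToLong_ui;
 virFileLinkPointsTo;
+virFileResolveLink;
 saferead;
 safewrite;
 safezero;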
src/security_selinux.c
...
@@ -293,28 +293,24 @@ SELinuxRestoreSecurityImageLabel(virConnectPtr conn,
...
@@ -293,28 +293,24 @@ SELinuxRestoreSecurityImageLabel(virConnectPtr conn,
struct
stat
buf
;
struct
stat
buf
;
security_context_t
fcon
=
NULL
;
security_context_t
fcon
=
NULL
;
int
rc
=
-
1
;
int
rc
=
-
1
;
int
err
;
char
*
newpath
=
NULL
;
char
*
newpath
=
NULL
;
const
char
*
path
=
disk
->
src
;
const
char
*
path
=
disk
->
src
;
if
(
disk
->
readonly
||
disk
->
shared
)
if
(
disk
->
readonly
||
disk
->
shared
)
return
0
;
return
0
;
if
(
lstat
(
path
,
&
buf
)
!=
0
)
if
((
err
=
virFileResolveLink
(
path
,
&
newpath
))
<
0
)
{
return
-
1
;
virReportSystemError
(
conn
,
err
,
_
(
"cannot resolve symlink %s"
),
path
);
if
(
S_ISLNK
(
buf
.
st_mode
))
{
goto
err
;
if
(
VIR_ALLOC_N
(
newpath
,
buf
.
st_size
+
1
)
<
0
)
return
-
1
;
if
(
readlink
(
path
,
newpath
,
buf
.
st_size
)
<
0
)
goto
err
;
path
=
newpath
;
if
(
stat
(
path
,
&
buf
)
!=
0
)
goto
err
;
}
}
if
(
matchpathcon
(
path
,
buf
.
st_mode
,
&
fcon
)
==
0
)
{
if
(
stat
(
newpath
,
&
buf
)
!=
0
)
rc
=
SELinuxSetFilecon
(
conn
,
path
,
fcon
);
goto
err
;
if
(
matchpathcon
(
newpath
,
buf
.
st_mode
,
&
fcon
)
==
0
)
{
rc
=
SELinuxSetFilecon
(
conn
,
newpath
,
fcon
);
}
}
err:
err:
VIR_FREE
(
fcon
);
VIR_FREE
(
fcon
);
...
...
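Review bot: In the new error branch `err` is negative (the branch is entered only when virFileResolveLink() returns `< 0`), yet it is passed unchanged to virReportSystemError(), which presumably expects a positive errno value; pass `-err` so the report carries the real error text. The same call pattern appears in the first virStorageBackendDiskDeleteVol hunk in src/storage_backend_disk.c. The `stat(newpath, &buf)` failure that follows jumps to `err:` without reporting anything, so a dangling link makes the relabel fail silently; a virReportSystemError() call with `errno` there would make it visible. Because the readlink() result is used as returned, a relative link target is resolved by stat() and SELinuxSetFilecon() against the daemon's working directory rather than the link's own directory, so the label could be restored on a different file than the one the disk refers to; joining the target with the link's directory (or canonicalising the path) before relabelling would avoid that. SELinuxRestoreSecurityImageLabel starts before and ends after this hunk.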
src/storage_backend_disk.c
...
@@ -362,20 +362,16 @@ virStorageBackendDiskDeleteVol(virConnectPtr conn,
...
@@ -362,20 +362,16 @@ virStorageBackendDiskDeleteVol(virConnectPtr conn,
unsigned
int
flags
ATTRIBUTE_UNUSED
)
unsigned
int
flags
ATTRIBUTE_UNUSED
)
{
{
char
*
part_num
=
NULL
;
char
*
part_num
=
NULL
;
int
n
;
int
err
;
char
devpath
[
PATH_MAX
]
;
char
*
devpath
=
NULL
;
char
*
devname
,
*
srcname
;
char
*
devname
,
*
srcname
;
int
rc
=
-
1
;
if
((
n
=
readlink
(
vol
->
target
.
path
,
devpath
,
sizeof
(
devpath
)))
<
0
&&
if
((
err
=
virFileResolveLink
(
vol
->
target
.
path
,
&
devpath
))
<
0
)
{
errno
!=
EINVAL
)
{
virReportSystemError
(
conn
,
err
,
virReportSystemError
(
conn
,
errno
,
_
(
"Couldn't read volume target path '%s'"
),
_
(
"Couldn't read volume target path '%s'"
),
vol
->
target
.
path
);
vol
->
target
.
path
);
return
-
1
;
goto
cleanup
;
}
else
if
(
n
<=
0
)
{
strncpy
(
devpath
,
vol
->
target
.
path
,
PATH_MAX
);
}
else
{
devpath
[
n
]
=
'\0'
;
}
}
devname
=
basename
(
devpath
);
devname
=
basename
(
devpath
);
...
@@ -386,7 +382,7 @@ virStorageBackendDiskDeleteVol(virConnectPtr conn,
...
@@ -386,7 +382,7 @@ virStorageBackendDiskDeleteVol(virConnectPtr conn,
virStorageReportError
(
conn
,
VIR_ERR_INTERNAL_ERROR
,
virStorageReportError
(
conn
,
VIR_ERR_INTERNAL_ERROR
,
_
(
"Volume path '%s' did not start with parent "
_
(
"Volume path '%s' did not start with parent "
"pool source device name."
),
devname
);
"pool source device name."
),
devname
);
return
-
1
;
goto
cleanup
;
}
}
part_num
=
devname
+
strlen
(
srcname
);
part_num
=
devname
+
strlen
(
srcname
);
...
@@ -395,7 +391,7 @@ virStorageBackendDiskDeleteVol(virConnectPtr conn,
...
@@ -395,7 +391,7 @@ virStorageBackendDiskDeleteVol(virConnectPtr conn,
virStorageReportError
(
conn
,
VIR_ERR_INTERNAL_ERROR
,
virStorageReportError
(
conn
,
VIR_ERR_INTERNAL_ERROR
,
_
(
"cannot parse partition number from target "
_
(
"cannot parse partition number from target "
"'%s'"
),
devname
);
"'%s'"
),
devname
);
return
-
1
;
goto
cleanup
;
}
}
/* eg parted /dev/sda rm 2 */
/* eg parted /dev/sda rm 2 */
...
@@ -409,9 +405,12 @@ virStorageBackendDiskDeleteVol(virConnectPtr conn,
...
@@ -409,9 +405,12 @@ virStorageBackendDiskDeleteVol(virConnectPtr conn,
};
};
if
(
virRun
(
conn
,
prog
,
NULL
)
<
0
)
if
(
virRun
(
conn
,
prog
,
NULL
)
<
0
)
return
-
1
;
goto
cleanup
;
return
0
;
rc
=
0
;
cleanup:
VIR_FREE
(
devpath
);
return
rc
;
}
}
...
...
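Review bot: Only `err < 0` is treated as failure in the first hunk, but virFileResolveLink() as added in src/util.c returns a positive `errno` when lstat() fails and leaves `*resultpath` NULL, so a missing `vol->target.path` would fall through to `basename(devpath)` with a NULL pointer. Testing `devpath == NULL` as well before the `basename()` call closes that path independently of how the helper's return convention is settled. The partition number later handed to parted comes from the leaf name of the link target, and the visible check appears to compare only that leaf with the pool source device name, so a short comment at the `basename()` call such as `/* devname is the leaf of the resolved link; it must start with the pool source device name */` would document what is and is not validated before the delete. The function's signature and the code between the four hunks are outside the visible lines.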
src/util.c
...
@@ -937,6 +937,53 @@ int virFileLinkPointsTo(const char *checkLink,
...
@@ -937,6 +937,53 @@ int virFileLinkPointsTo(const char *checkLink,
&&
SAME_INODE
(
src_sb
,
dest_sb
));
&&
SAME_INODE
(
src_sb
,
dest_sb
));
}
}
/*
* Attempt to resolve a symbolic link, returning the
* real path
*
* Return 0 if path was not a symbolic, or the link was
* resolved. Return -1 upon error
*/
int
virFileResolveLink
(
const
char
*
linkpath
,
char
**
resultpath
)
{
struct
stat
st
;
char
*
buf
;
int
n
;
*
resultpath
=
NULL
;
if
(
lstat
(
linkpath
,
&
st
)
<
0
)
return
errno
;
if
(
!
S_ISLNK
(
st
.
st_mode
))
{
if
(
!
(
*
resultpath
=
strdup
(
linkpath
)))
return
-
ENOMEM
;
return
0
;
}
/* Posix says that 'st_size' field from
* result of an lstat() call is filled with
* number of bytes in the destination
* filename.
*/
if
(
VIR_ALLOC_N
(
buf
,
st
.
st_size
+
1
)
<
0
)
return
-
ENOMEM
;
if
((
n
=
readlink
(
linkpath
,
buf
,
st
.
st_size
))
<
0
)
{
VIR_FREE
(
buf
);
return
-
errno
;
}
buf
[
n
]
=
'\0'
;
*
resultpath
=
buf
;
return
0
;
}
int
virFileExists
(
const
char
*
path
)
int
virFileExists
(
const
char
*
path
)
{
{
struct
stat
st
;
struct
stat
st
;
...
...
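Review bot: The lstat() failure path in virFileResolveLink does `return errno;`, a positive value, while every other failure returns a negative one (`-ENOMEM`, `-errno`) and both new callers test only `< 0`, so that failure is taken for success with `*resultpath` still NULL; it should be `return -errno;`. In the readlink() failure path `VIR_FREE(buf)` runs before `errno` is read and may overwrite it, so save it first: `int saved = errno; VIR_FREE(buf); return -saved;`. The header comment promises `-1` on error; it should say that a negative errno value is returned and that the caller must free `*resultpath`. The buffer is sized from the `st.st_size` obtained by the earlier lstat(), so a link replaced between the two calls is silently truncated and a filesystem that reports a zero size yields an empty result; a comment stating this limit, or a retry with a larger buffer when `n == st.st_size`, would make the behaviour explicit.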
src/util.h
...
@@ -87,6 +87,9 @@ int virFileStripSuffix(char *str,
...
@@ -87,6 +87,9 @@ int virFileStripSuffix(char *str,
int
virFileLinkPointsTo
(
const
char
*
checkLink
,
int
virFileLinkPointsTo
(
const
char
*
checkLink
,
const
char
*
checkDest
);
const
char
*
checkDest
);
int
virFileResolveLink
(
const
char
*
linkpath
,
char
**
resultpath
);
int
virFileExists
(
const
char
*
path
);
int
virFileExists
(
const
char
*
path
);
int
virFileMakePath
(
const
char
*
path
);
int
virFileMakePath
(
const
char
*
path
);
...
...