Codebase list libvirt / 4339f02
virlog: determine the hostname on startup CVE-2018-6764 Guido Günther 6 years ago
2 changed file(s) with 62 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all
+1
-0
debian/patches/series less more
1717 Pass-GPG_TTY-env-var-to-the-ssh-binary.patch
1818 apparmor-Allow-virt-aa-helper-to-access-the-name-service-.patch
1919 apparmor-allow-libvirt-to-send-term-signal-to-unconfined.patch
20 virlog-determine-the-hostname-on-startup-CVE-2018-6764.patch
+61
-0
debian/patches/virlog-determine-the-hostname-on-startup-CVE-2018-6764.patch less more
0 From: Lubomir Rintel <lkundrak@v3.sk>
1 Date: Sat, 27 Jan 2018 23:43:58 +0100
2 Subject: virlog: determine the hostname on startup CVE-2018-6764
3
4 At later point it might not be possible or even safe to use getaddrinfo(). It
5 can in turn result in a load of NSS module.
6
7 Notably, on a LXC container startup we may find ourselves with the guest
8 filesystem already having replaced the host one. Loading a NSS module
9 from the guest tree would allow a malicous guest to escape the
10 confinement of its container environment because libvirt will not yet
11 have locked it down.
12 ---
13 src/util/virlog.c | 14 +++++++++-----
14 1 file changed, 9 insertions(+), 5 deletions(-)
15
16 diff --git a/src/util/virlog.c b/src/util/virlog.c
17 index 68439b9..9105337 100644
18 --- a/src/util/virlog.c
19 +++ b/src/util/virlog.c
20 @@ -64,6 +64,7 @@
21 VIR_LOG_INIT("util.log");
22
23 static regex_t *virLogRegex;
24 +static char *virLogHostname;
25
26
27 #define VIR_LOG_DATE_REGEX "[0-9]{4}-[0-9]{2}-[0-9]{2}"
28 @@ -271,6 +272,12 @@ virLogOnceInit(void)
29 VIR_FREE(virLogRegex);
30 }
31
32 + /* We get and remember the hostname early, because at later time
33 + * it might not be possible to load NSS modules via getaddrinfo()
34 + * (e.g. at container startup the host filesystem will not be
35 + * accessible anymore. */
36 + virLogHostname = virGetHostnameQuiet();
37 +
38 virLogUnlock();
39 return 0;
40 }
41 @@ -466,17 +473,14 @@ static int
42 virLogHostnameString(char **rawmsg,
43 char **msg)
44 {
45 - char *hostname = virGetHostnameQuiet();
46 char *hoststr;
47
48 - if (!hostname)
49 + if (!virLogHostname)
50 return -1;
51
52 - if (virAsprintfQuiet(&hoststr, "hostname: %s", hostname) < 0) {
53 - VIR_FREE(hostname);
54 + if (virAsprintfQuiet(&hoststr, "hostname: %s", virLogHostname) < 0) {
55 return -1;
56 }
57 - VIR_FREE(hostname);
58
59 if (virLogFormatString(msg, 0, NULL, VIR_LOG_INFO, hoststr) < 0) {
60 VIR_FREE(hoststr);