author | Ján Tomko <jtomko@redhat.com> | 2019-06-14 09:14:53 +0200 |
---|---|---|
committer | Ján Tomko <jtomko@redhat.com> | 2019-06-24 09:56:07 +0200 |
commit | 00e673c93fc3d0cfed274cc7a1ec2c52260c8262 (patch) | |
tree | 3e61956b8cd517fe547953502b6ea641911937b9 | |
parent | a27659643b8ae9b26b52fc857cdc5b301184e26e (diff) | |
download | libvirt-00e673c93fc3d0cfed274cc7a1ec2c52260c8262.tar.gz |

api: disallow virDomainManagedSaveDefineXML on read-only connections

The virDomainManagedSaveDefineXML can be used to alter the domain's
config used for managedsave or even execute arbitrary emulator binaries.
Forbid it on read-only connections.

Fixes: CVE-2019-10166
Reported-by: Matthias Gerstner <mgerstner@suse.de>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit db0b78457f183e4c7ac45bc94de86044a1e2056a)
Signed-off-by: Ján Tomko <jtomko@redhat.com>

-rw-r--r-- | src/libvirt-domain.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c index 270e10e857..5c764aa7e2 100644 --- a/src/libvirt-domain.c +++ b/src/libvirt-domain.c @@ -9482,6 +9482,7 @@ virDomainManagedSaveDefineXML(virDomainPtr domain, const char *dxml, virCheckDomainReturn(domain, -1); conn = domain->conn; + virCheckReadOnlyGoto(conn->flags, error); if (conn->driver->domainManagedSaveDefineXML) { int ret; |
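
Review bot: The new `virCheckReadOnlyGoto(conn->flags, error);` line in virDomainManagedSaveDefineXML lands with no documentation or test alongside it: the diffstat shows one insertion in src/libvirt-domain.c and nothing else. Since this closes CVE-2019-10166, consider stating in the function's API comment that the call is refused on read-only connections, and adding a regression test that opens a read-only connection and asserts the call fails, so the check cannot be dropped silently in a later refactor. The placement itself is right: the check sits after `conn = domain->conn;` and before the `if (conn->driver->domainManagedSaveDefineXML)` dispatch, so the refusal applies whether or not the driver implements the callback. The `error` label is outside the visible context, so it is worth confirming when backporting that the target branch has that label in this function and that it dispatches the error and returns -1.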