[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH 2/3] tools/oxenstored: Reject invalid watch paths early
Acked-by: Christian Lindig <christian.lindig@xxxxxxxxxx> Great work. Fuzzing is often thought as best to find bugs in languages like C where memory is explicitly managed but here it reveals logical bugs. ________________________________________ From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> Sent: 03 February 2021 17:35 To: Xen-devel Cc: Edwin Torok; Christian Lindig; Ian Jackson; Wei Liu Subject: [PATCH 2/3] tools/oxenstored: Reject invalid watch paths early From: Edwin Török <edvin.torok@xxxxxxxxxx> Watches on invalid paths were accepted, but they would never trigger. The client also got no notification that its watch is bad and would never trigger. Found again by the structured fuzzer, due to an error on live update reload: the invalid watch paths would get rejected during live update and the list of watches would be different pre/post live update. The testcase is watch on `//`, which is an invalid path. Signed-off-by: Edwin Török <edvin.torok@xxxxxxxxxx> --- CC: Christian Lindig <christian.lindig@xxxxxxxxxx> CC: Ian Jackson <iwj@xxxxxxxxxxxxxx> CC: Wei Liu <wl@xxxxxxx> --- tools/ocaml/xenstored/connection.ml | 5 ++--- tools/ocaml/xenstored/connections.ml | 4 +++- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/tools/ocaml/xenstored/connection.ml b/tools/ocaml/xenstored/connection.ml index d09a0fa405..65f99ea6f2 100644 --- a/tools/ocaml/xenstored/connection.ml +++ b/tools/ocaml/xenstored/connection.ml @@ -158,18 +158,17 @@ let get_children_watches con path = let is_dom0 con = Perms.Connection.is_dom0 (get_perm con) -let add_watch con path token = +let add_watch con (path, apath) token = if !Quota.activate && !Define.maxwatch > 0 && not (is_dom0 con) && con.nb_watches > !Define.maxwatch then raise Quota.Limit_reached; - let apath = get_watch_path con path in let l = get_watches con apath in if List.exists (fun w -> w.token = token) l then raise Define.Already_exist; let watch = watch_create ~con ~token ~path in Hashtbl.replace con.watches apath (watch :: l); con.nb_watches <- con.nb_watches + 1; - apath, watch + watch let del_watch con path token = let apath = get_watch_path con path in diff --git a/tools/ocaml/xenstored/connections.ml b/tools/ocaml/xenstored/connections.ml index 8a66eeec3a..3c7429fe7f 100644 --- a/tools/ocaml/xenstored/connections.ml +++ b/tools/ocaml/xenstored/connections.ml @@ -114,8 +114,10 @@ let key_of_path path = "" :: Store.Path.to_string_list path let add_watch cons con path token = - let apath, watch = Connection.add_watch con path token in + let apath = Connection.get_watch_path con path in + (* fail on invalid paths early by calling key_of_str before adding watch *) let key = key_of_str apath in + let watch = Connection.add_watch con (path, apath) token in let watches = if Trie.mem cons.watches key then Trie.find cons.watches key -- 2.11.0
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |