NuKVM/libvirt
3
0
Fork 0
mirror of https://github.com/libvirt/libvirt.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

rpc: gendispatch: handle empty flags

Browse Source 
CVE-2020-25637

Prepare for omission of the <flagname> in remote_protocol.x
@acl annotations:
 @acl: <object>:<permission>:<flagname>
so that we can add more fields after, e.g.:
 @acl: <object>:<permission>::<field>

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
This commit is contained in:
Ján Tomko 2020-09-18 17:44:56 +02:00
parent 9c2ba74ad6
commit 955029bd0a
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/rpc/gendispatch.pl
View File

@ -2119,7 +2119,7 @@ elsif ($mode eq "client") {
if ($acl[$i]->{object} ne $acl[0]->{object}) { if ($acl[$i]->{object} ne $acl[0]->{object}) {
die "acl for '$call->{ProcName}' cannot check different objects"; die "acl for '$call->{ProcName}' cannot check different objects";
} }
if (defined $acl[$i]->{flags}) { if (defined $acl[$i]->{flags} && length $acl[$i]->{flags}) {
$checkflags = 1; $checkflags = 1;
} }
} }
@ -2207,7 +2207,7 @@ elsif ($mode eq "client") {
my $method = "virAccessManagerCheck" . $object; my $method = "virAccessManagerCheck" . $object;
my $space = ' ' x length($method); my $space = ' ' x length($method);
print " if ("; print " if (";
if (defined $acl->{flags}) { if (defined $acl->{flags} && length $acl->{flags}) {
my $flags = $acl->{flags}; my $flags = $acl->{flags};
if ($flags =~ /^\!/) { if ($flags =~ /^\!/) {
$flags = substr $flags, 1; $flags = substr $flags, 1;