NuKVM/libvirt
3
0
Fork 0
mirror of https://github.com/libvirt/libvirt.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity
Read-only mirror. Please submit merge requests / issues to https://gitlab.com/libvirt/libvirt
15,226 Commits 67 Branches 632 Tags 1.1 GiB
C 94.8%
Python 2%
Meson 0.9%
Shell 0.8%
Dockerfile 0.6%
Other 0.8%
f8c1cb9021
Go to file
Martin Kletzander f8c1cb9021 CVE-2013-6436: fix crash in lxcDomainGetMemoryParameters 
The function doesn't check whether the request is made for active or
inactive domain.  Thus when the domain is not running it still tries
accessing non-existing cgroups (priv->cgroup, which is NULL).

I re-made the function in order for it to work the same way it's qemu
counterpart does.

Reproducer:
 1) Define an LXC domain
 2) Do 'virsh memtune <domain>'

Backtrace:
 Thread 6 (Thread 0x7fffec8c0700 (LWP 13387)):
 #0  0x00007ffff70edcc4 in virCgroupPathOfController (group=0x0, controller=3,
     key=0x7ffff75734bd "memory.limit_in_bytes", path=0x7fffec8bf750) at util/vircgroup.c:1764
 #1  0x00007ffff70e958c in virCgroupGetValueStr (group=0x0, controller=3,
     key=0x7ffff75734bd "memory.limit_in_bytes", value=0x7fffec8bf7c0) at util/vircgroup.c:705
 #2  0x00007ffff70e9d29 in virCgroupGetValueU64 (group=0x0, controller=3,
     key=0x7ffff75734bd "memory.limit_in_bytes", value=0x7fffec8bf810) at util/vircgroup.c:804
 #3  0x00007ffff70ee706 in virCgroupGetMemoryHardLimit (group=0x0, kb=0x7fffec8bf8a8)
     at util/vircgroup.c:1962
 #4  0x00005555557d590f in lxcDomainGetMemoryParameters (dom=0x7fffd40024a0,
     params=0x7fffd40027a0, nparams=0x7fffec8bfa24, flags=0) at lxc/lxc_driver.c:826
 #5  0x00007ffff72c28d3 in virDomainGetMemoryParameters (domain=0x7fffd40024a0,
     params=0x7fffd40027a0, nparams=0x7fffec8bfa24, flags=0) at libvirt.c:4137
 #6  0x000055555563714d in remoteDispatchDomainGetMemoryParameters (server=0x555555eb7e00,
     client=0x555555ebaef0, msg=0x555555ebb3e0, rerr=0x7fffec8bfb70, args=0x7fffd40024e0,
     ret=0x7fffd4002420) at remote.c:1895
 #7  0x00005555556052c4 in remoteDispatchDomainGetMemoryParametersHelper (server=0x555555eb7e00,
     client=0x555555ebaef0, msg=0x555555ebb3e0, rerr=0x7fffec8bfb70, args=0x7fffd40024e0,
     ret=0x7fffd4002420) at remote_dispatch.h:4050
 #8  0x00007ffff73b293f in virNetServerProgramDispatchCall (prog=0x555555ec3ae0,
     server=0x555555eb7e00, client=0x555555ebaef0, msg=0x555555ebb3e0)
     at rpc/virnetserverprogram.c:435
 #9  0x00007ffff73b207f in virNetServerProgramDispatch (prog=0x555555ec3ae0,
     server=0x555555eb7e00, client=0x555555ebaef0, msg=0x555555ebb3e0)
     at rpc/virnetserverprogram.c:305
 #10 0x00007ffff73a4d2c in virNetServerProcessMsg (srv=0x555555eb7e00, client=0x555555ebaef0,
     prog=0x555555ec3ae0, msg=0x555555ebb3e0) at rpc/virnetserver.c:165
 #11 0x00007ffff73a4e8d in virNetServerHandleJob (jobOpaque=0x555555ebc7e0, opaque=0x555555eb7e00)
     at rpc/virnetserver.c:186
 #12 0x00007ffff7187f3f in virThreadPoolWorker (opaque=0x555555eb7ac0) at util/virthreadpool.c:144
 #13 0x00007ffff718733a in virThreadHelper (data=0x555555eb7890) at util/virthreadpthread.c:161
 #14 0x00007ffff468ed89 in start_thread (arg=0x7fffec8c0700) at pthread_create.c:308
 #15 0x00007ffff3da26bd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2013-12-20 12:46:47 +00:00
.gnulib@831b84c59e maint: update to latest gnulib 2013-11-23 21:05:15 -07:00
build-aux maint: enforce comma style usage 2013-11-20 09:24:18 -07:00
daemon Add network events to the remote driver 2013-12-11 13:26:25 +00:00
docs snapshot: schema: Split out snapshot disk driver definition 2013-12-19 10:20:56 +01:00
examples Update event demo program to support network events too 2013-12-13 16:07:54 +00:00
gnulib Don't link virt-login-shell against libvirt.so (CVE-2013-4400) 2013-10-21 14:03:52 +01:00
include docs: improve event-related documentation 2013-12-19 09:45:50 -07:00
m4 storage: initial support for linking with libgfapi 2013-11-25 11:02:52 -07:00
po Extracted common parts of domain_event.[ch] to object_event.[ch] 2013-12-10 13:12:35 +00:00
src CVE-2013-6436: fix crash in lxcDomainGetMemoryParameters 2013-12-20 12:46:47 +00:00
tests Fix crash in virsystemdtest with dbus 1.7.6 2013-12-19 11:20:05 +00:00
tools storage: Add gluster pool filter and fix virsh pool listing 2013-12-19 11:01:50 +01:00
.ctags maint: Make ctags work out of the box 2013-07-18 08:47:21 +02:00
.dir-locals.el build: avoid tabs that failed syntax-check 2012-09-06 09:43:46 -06:00
.gitignore Move examples/domain-events/event-c to examples/object-events 2013-12-13 16:07:54 +00:00
.gitmodules make .gnulib a submodule 2009-07-08 16:17:51 +02:00
.mailmap Autogenerate AUTHORS 2012-10-19 12:44:56 -04:00
AUTHORS.in Add John Ferlan to the committers list 2013-02-05 10:59:32 -05:00
autobuild.sh Remove python binding 2013-11-25 16:08:00 +00:00
autogen.sh autogen.sh: Correctly detect .git as a file 2013-08-29 13:19:45 +02:00
bootstrap maint: update to latest gnulib 2013-09-24 06:53:07 -06:00
bootstrap.conf Add helpers for getting env vars in a setuid environment 2013-10-21 14:03:52 +01:00
cfg.mk Move examples/domain-events/event-c to examples/object-events 2013-12-13 16:07:54 +00:00
ChangeLog-old maint: typo fixes 2013-10-22 16:49:32 +01:00
config-post.h build: fix build of virt-login-shell on systems with older gnutls 2013-10-22 09:41:50 -06:00
configure.ac Remove redefinition of bool type when --enable-test-locking 2013-12-18 17:03:35 +00:00
COPYING maint: follow recommended practice for using LGPL 2013-05-20 14:15:21 -06:00
COPYING.LESSER maint: follow recommended practice for using LGPL 2013-05-20 14:15:21 -06:00
HACKING maint: enforce comma style usage 2013-11-20 09:24:18 -07:00
libvirt.pc.in Add missing 'libvirt_lxc_api' variable in pkg-config file 2013-09-04 14:52:40 +01:00
libvirt.spec.in specfile: fix make rpm when with_driver_modules is 1 2013-12-17 14:33:00 +02:00
Makefile.am Move examples/domain-events/event-c to examples/object-events 2013-12-13 16:07:54 +00:00
Makefile.nonreentrant maint: use LGPL correctly 2013-05-20 14:03:48 -06:00
mingw-libvirt.spec.in Remove python binding 2013-11-25 16:08:00 +00:00
README Correct typos in the documentation (Atsushi SAKAI) 2008-01-24 10:15:13 +00:00
README-hacking maint: relax git minimum version 2010-02-24 14:29:27 -05:00
run.in Remove python binding 2013-11-25 16:08:00 +00:00
TODO Update todo list file to point at bugzilla/website 2010-10-13 16:45:26 +01:00

README 

         LibVirt : simple API for virtualization

  Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). It is free software
available under the GNU Lesser General Public License. Virtualization of
the Linux Operating System means the ability to run multiple instances of
Operating Systems concurrently on a single hardware system where the basic
resources are driven by a Linux instance. The library aim at providing
long term stable C API initially for the Xen paravirtualization but
should be able to integrate other virtualization mechanisms if needed.

Daniel Veillard <veillard@redhat.com>