External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-04 20:15:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
Libvirt provides a portable, long term stable C API for managing the virtualization technologies provided by many operating systems. It includes support for QEMU, KVM, Xen, LXC, bhyve, Virtuozzo, VMware vCenter and ESX, VMware Desktop, Hyper-V, VirtualBox and the POWER Hypervisor.
9,786 Commits 67 Branches 629 Tags 868 MiB
C 94.8%
Python 2%
Meson 0.9%
Shell 0.8%
Dockerfile 0.6%
Other 0.8%
45d6729f98
Go to file
Jiri Denemark 45d6729f98 daemon: Fix crash in virTypedParameterArrayClear 
CVE-2012-3445, https://bugzilla.redhat.com/show_bug.cgi?id=844745

Daemon uses the following pattern when dispatching APIs with typed
parameters:

    VIR_ALLOC_N(params, nparams);
    virDomain*(dom, params, &nparams, flags);
    virTypedParameterArrayClear(params, nparams);

In case nparams was originally set to 0, virDomain* API would fill it
with the number of typed parameters it can provide and we would use this
number (rather than zero) to clear params. Because VIR_ALLOC* returns
non-NULL pointer even if size is 0, the code would end up walking
through random memory. If we were lucky enough and the memory contained
7 (VIR_TYPED_PARAM_STRING) at the right place, we would try to free a
random pointer and crash.

Let's make sure params stays NULL when nparams is 0.
(cherry picked from commit 6039a2cb49)
2012-08-01 16:28:53 -06:00
.gnulib@dbd914496c build: update to latest gnulib, for secure tarball 2012-07-27 11:52:31 -06:00
daemon daemon: Fix crash in virTypedParameterArrayClear 2012-08-01 16:28:53 -06:00
docs build: fix 'make distcheck' issues 2012-06-15 11:52:06 -04:00
examples examples: add consolecallback example python script 2012-06-14 18:23:20 -04:00
gnulib build: fix fresh checkout on RHEL5 2012-04-25 16:36:26 -04:00
include snapshot: add atomic create flag 2012-03-23 16:38:20 -06:00
m4 maint: make it easier to copy FORTIFY_SOURCE snippet 2012-06-14 18:38:26 -04:00
po Stable release 0.9.11.4 2012-06-15 12:59:49 -04:00
python python: fix snapshot listing bugs 2012-06-14 18:38:27 -04:00
src build: fix build of fresh checkout 2012-06-15 12:24:04 -04:00
tests Fix for parallel port passthrough for QEMU 2012-06-14 18:38:26 -04:00
tools libvirt-guests: systemd host shutdown does not work 2012-07-27 12:43:32 -06:00
.dir-locals.el maint: let emacs avoid tabs in rng files 2011-08-13 08:56:26 -06:00
.gitignore Stable release 0.9.11.3 2012-04-27 14:58:18 -04:00
.gitmodules make .gnulib a submodule 2009-07-08 16:17:51 +02:00
.mailmap maint: prune duplicate listings in AUTHORS 2012-02-03 09:56:45 -07:00
AUTHORS Update AUTHORS 2012-06-14 18:38:26 -04:00
autobuild.sh Enable all warnings permanently & default to -Werror for GIT builds 2012-03-27 17:08:06 +01:00
autogen.sh build: allow for local gnulib diffs 2011-11-09 09:03:33 -07:00
bootstrap build: update to latest gnulib, for secure tarball 2012-07-27 11:52:31 -06:00
bootstrap.conf build: update to latest gnulib, for secure tarball 2012-07-27 11:52:31 -06:00
cfg.mk build: update to latest gnulib, for secure tarball 2012-07-27 11:52:31 -06:00
ChangeLog-old virterror.c: Fix several spelling mistakes 2012-02-03 11:32:51 -07:00
configure.ac Stable release 0.9.11.4 2012-06-15 12:59:49 -04:00
COPYING.LIB remove all trailing blank lines 2009-07-16 15:06:42 +02:00
HACKING Document STREQ_NULLABLE and STRNEQ_NULLABLE 2011-10-06 16:50:38 +02:00
libvirt.pc.in build: silence warning from autoconf 2012-06-14 18:23:21 -04:00
libvirt.spec.in Stable release 0.9.11.4 2012-06-15 12:59:49 -04:00
Makefile.am maint: add missing copyright notices 2011-07-28 15:01:17 -06:00
Makefile.nonreentrant Ban use of all inet_* functions 2010-10-22 11:59:23 +01:00
mingw32-libvirt.spec.in Fix typos in API XML file paths 2012-02-15 11:29:38 +00:00
README Correct typos in the documentation (Atsushi SAKAI) 2008-01-24 10:15:13 +00:00
README-hacking maint: relax git minimum version 2010-02-24 14:29:27 -05:00
TODO Update todo list file to point at bugzilla/website 2010-10-13 16:45:26 +01:00

README 

         LibVirt : simple API for virtualization

  Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). It is free software
available under the GNU Lesser General Public License. Virtualization of
the Linux Operating System means the ability to run multiple instances of
Operating Systems concurrently on a single hardware system where the basic
resources are driven by a Linux instance. The library aim at providing
long term stable C API initially for the Xen paravirtualization but
should be able to integrate other virtualization mechanisms if needed.

Daniel Veillard <veillard@redhat.com>