aboutsummaryrefslogtreecommitdiffstats
path: root/tools/xenstore/xenstored_core.c
diff options
context:
space:
mode:
authorkaf24@localhost.localdomain <kaf24@localhost.localdomain>2006-11-11 01:23:11 +0000
committerkaf24@localhost.localdomain <kaf24@localhost.localdomain>2006-11-11 01:23:11 +0000
commit22ed12a0f3266df4714057f9bdf2dfc9577bf80e (patch)
tree45cd6b4105d6f1addc5d325c3981766ec793a9b5 /tools/xenstore/xenstored_core.c
parente4ecc8e7f777f32e6512def4a25f7d1f7b1bd52b (diff)
downloadxen-22ed12a0f3266df4714057f9bdf2dfc9577bf80e.tar.gz
xen-22ed12a0f3266df4714057f9bdf2dfc9577bf80e.tar.bz2
xen-22ed12a0f3266df4714057f9bdf2dfc9577bf80e.zip
[XENSTORED] Fix errno 'leak' in xenstored.
In certain cases, when a client doesn't have enough permissions, the errno variable is not set in xenstored_core.c before its value is reported back. As a result, the client can learn about the errno of the last failed request to xenstored (which could have come from another client). (An unintended information channel! :-) From: Magnus Carlsson <magnus@galois.com> Signed-off-by: Keir Fraser <keir@xensource.com>
Diffstat (limited to 'tools/xenstore/xenstored_core.c')
-rw-r--r--tools/xenstore/xenstored_core.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/tools/xenstore/xenstored_core.c b/tools/xenstore/xenstored_core.c
index 890f852d73..3f304b0e41 100644
--- a/tools/xenstore/xenstored_core.c
+++ b/tools/xenstore/xenstored_core.c
@@ -575,8 +575,10 @@ struct node *get_node(struct connection *conn,
/* If we don't have permission, we don't have node. */
if (node) {
if ((perm_for_conn(conn, node->perms, node->num_perms) & perm)
- != perm)
+ != perm) {
+ errno = EACCES;
node = NULL;
+ }
}
/* Clean up errno if they weren't supposed to know. */
if (!node)
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-10 16:34:38 +0000