dgit.raspbian.org Git - xen.git/commit

author	Juergen Gross <jgross@suse.com>
	Tue, 13 Sep 2022 05:35:09 +0000 (07:35 +0200)
committer	Andrew Cooper <andrew.cooper3@citrix.com>
	Tue, 1 Nov 2022 13:05:44 +0000 (13:05 +0000)
commit	268369d8e322d227a74a899009c5748d7b0ea142
tree	84cd0faf6aca2f602a6bba85c02c6dbe2da43102	tree \| snapshot
parent	dbef1f7482894c572d90cd73d99ed689c891e863	commit \| diff

tools/xenstore: limit max number of nodes accessed in a transaction

Today a guest is free to access as many nodes in a single transaction
as it wants. This can lead to unbounded memory consumption in Xenstore
as there is the need to keep track of all nodes having been accessed
during a transaction.

In oxenstored the number of requests in a transaction is being limited
via a quota maxrequests (default is 1024). As multiple accesses of a
node are not problematic in C Xenstore, limit the number of accessed
nodes.

In order to let read_node() detect a quota error in case too many nodes
are being accessed, check the return value of access_node() and return
NULL in case an error has been seen. Introduce __must_check and add it
to the access_node() prototype.

This is part of XSA-326 / CVE-2022-42314.

Suggested-by: Julien Grall <julien@xen.org>
Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Julien Grall <jgrall@amazon.com>

tools/include/xen-tools/libs.h		diff \| blob \| history
tools/xenstore/xenstored_core.c		diff \| blob \| history
tools/xenstore/xenstored_core.h		diff \| blob \| history
tools/xenstore/xenstored_transaction.c		diff \| blob \| history
tools/xenstore/xenstored_transaction.h		diff \| blob \| history