tools/ocaml/xenstored: Check for maxrequests before performing operations
author Edwin Török <edvin.torok@citrix.com>
Thu, 28 Jul 2022 16:08:15 +0000 (17:08 +0100)
committer Andrew Cooper <andrew.cooper3@citrix.com>
Tue, 1 Nov 2022 13:05:44 +0000 (13:05 +0000)
commit 329f4d1a6535c6c5a34025ca0d03fc5c7228fcff
tree e87e1180c5eb0c01d0dde613a1c51425254a635d
parent 84734955d4bf629ba459a74773afcde50a52236f
tools/ocaml/xenstored: Check for maxrequests before performing operations

Previously we'd perform the operation, record the updated tree in the
transaction record, then try to insert a watchop path and the reply packet.

If we exceeded max requests we would've returned EQUOTA, but still:
* have performed the operation on the transaction's tree
* have recorded the watchop, making this queue effectively unbounded

It is better if we check whether we'd have room to store the operation before
performing the transaction, and raise EQUOTA there.  Then the transaction
record won't grow.

This is part of XSA-326 / CVE-2022-42317.

Signed-off-by: Edwin Török <edvin.torok@citrix.com>
Acked-by: Christian Lindig <christian.lindig@citrix.com>
tools/ocaml/xenstored/process.ml
tools/ocaml/xenstored/transaction.ml
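
The ordering problem the commit message describes, as an added OCaml sketch that is not oxenstored's code: it is a simplified model in which every name (`txn`, `max_requests`, `Quota_exceeded`, `flood`) and the limit of 2 are assumptions made for illustration. It sends the same burst of writes through a check-after handler and a check-before handler so the growth of the transaction record can be compared.

```ocaml
(* Simplified model for illustration; all names are hypothetical and
   none of this is taken from process.ml or transaction.ml. *)
exception Quota_exceeded                   (* stands in for EQUOTA *)

type txn = {
  mutable tree : (string * string) list;   (* the transaction's private tree *)
  mutable ops  : string list;              (* recorded operations / watch-op paths *)
}

let max_requests = 2                       (* constructed limit *)

let new_txn () = { tree = []; ops = [] }

let record t path = t.ops <- path :: t.ops

(* Ordering the message calls the previous behaviour:
   perform the write, record it, and only then notice the limit. *)
let write_check_after t path value =
  t.tree <- (path, value) :: List.remove_assoc path t.tree;
  record t path;
  if List.length t.ops > max_requests then raise Quota_exceeded

(* Ordering the message calls the fix:
   refuse before anything in the transaction record is touched. *)
let write_check_before t path value =
  if List.length t.ops >= max_requests then raise Quota_exceeded;
  t.tree <- (path, value) :: List.remove_assoc path t.tree;
  record t path

(* Issue ten writes in one transaction (constructed paths) and report
   the tree size, the op-list size and how many requests were refused. *)
let flood write =
  let t = new_txn () in
  let rejected = ref 0 in
  for i = 1 to 10 do
    try write t (Printf.sprintf "/local/domain/1/k%d" i) "v"
    with Quota_exceeded -> incr rejected
  done;
  (List.length t.tree, List.length t.ops, !rejected)

let () =
  let show name (tree, ops, rej) =
    Printf.printf "%-12s tree=%d ops=%d rejected=%d\n" name tree ops rej in
  show "check-after" (flood write_check_after);
  show "check-before" (flood write_check_before)
```

Both variants refuse the same number of requests; only the check-before variant keeps the tree and the op list at the limit, because a refused request leaves no state behind.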