From 5893fef229ab62a3da1d437f61313f53a208370a Mon Sep 17 00:00:00 2001 From: "kfraser@localhost.localdomain" Date: Tue, 27 Mar 2007 16:23:52 +0100 Subject: [PATCH] hvm: Remove access to QEMU monitor in VNC server This fixes a RHEL5 errata and CVE-2007-0998. The monitor is still accessible in debug builds of ioemu (debug=y). Signed-off-by: Daniel P. Berrange --- tools/ioemu/Makefile.target | 4 ++++ tools/ioemu/vnc.c | 9 +++++++++ 2 files changed, 13 insertions(+) diff --git a/tools/ioemu/Makefile.target b/tools/ioemu/Makefile.target index 4872128d20..becb331238 100644 --- a/tools/ioemu/Makefile.target +++ b/tools/ioemu/Makefile.target @@ -193,6 +193,10 @@ ifdef CONFIG_SOLARIS LIBS+=-lsocket -lnsl -lresolv endif +ifeq ($(debug),y) +CFLAGS += -DQEMU_VNC_MONITOR_EXPORT +endif + # profiling code ifdef TARGET_GPROF LDFLAGS+=-p diff --git a/tools/ioemu/vnc.c b/tools/ioemu/vnc.c index d06b47a220..ac3b43351c 100644 --- a/tools/ioemu/vnc.c +++ b/tools/ioemu/vnc.c @@ -113,8 +113,10 @@ struct VncState int visible_w; int visible_h; +#ifdef QEMU_VNC_MONITOR_EXPORT int ctl_keys; /* Ctrl+Alt starts calibration */ int shift_keys; /* Shift / CapsLock keys */ +#endif int numlock; }; @@ -895,6 +897,7 @@ static void do_key_event(VncState *vs, int down, uint32_t sym) kbd_put_keycode(keycode & 0x7f); else kbd_put_keycode(keycode | 0x80); +#ifdef QEMU_VNC_MONITOR_EXPORT } else if (down) { int qemu_keysym = 0; @@ -922,8 +925,10 @@ static void do_key_event(VncState *vs, int down, uint32_t sym) } if (qemu_keysym != 0) kbd_put_keysym(qemu_keysym); +#endif } +#ifdef QEMU_VNC_MONITOR_EXPORT if (down) { switch (sym) { case XK_Control_L: @@ -976,6 +981,10 @@ static void do_key_event(VncState *vs, int down, uint32_t sym) break; } } +#else + if (!down && sym == XK_Num_Lock) + vs->numlock = !vs->numlock; +#endif } static void key_event(VncState *vs, int down, uint32_t sym) -- 2.30.2