On Tue, Nov 11, 2025 at 09:54:22AM +0100, Michal Prívozník wrote:
On 11/7/25 12:26, Martin Kletzander via Devel wrote:From: Martin Kletzander <[email protected]>Utilise the new virDomainDefIDsParseString() for that. Fixes: CVE-2025-12748 Reported-by: Святослав Терешин <[email protected]> Signed-off-by: Martin Kletzander <[email protected]> --- src/bhyve/bhyve_driver.c | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/src/bhyve/bhyve_driver.c b/src/bhyve/bhyve_driver.c index 00a484ae219c..72f1d7ace8e6 100644 --- a/src/bhyve/bhyve_driver.c +++ b/src/bhyve/bhyve_driver.c @@ -486,6 +486,15 @@ bhyveDomainDefineXMLFlags(virConnectPtr conn, const char *xml, unsigned int flag if (!caps) return NULL; + /* Avoid parsing the whole domain definition for ACL checks */ + if (!(def = virDomainDefIDsParseString(xml, provconn->xmlopt, parse_flags))) + return NULL; + + if (virDomainDefineXMLFlagsEnsureACL(conn, def) < 0) + return NULL; + + g_clear_pointer(&def, g_object_unref);Haven't checked other patches yet, but virDomainDef is NOT an virObject. This should have been: g_clear_pointer(&def, virDomainDefFree); Here and in the rest of patches.
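Review bot: The `g_clear_pointer(&def, g_object_unref);` line in this hunk releases a `virDomainDef` with the GObject unref, but, as pointed out above, `virDomainDef` is not a `virObject`, so this would call `g_object_unref()` on memory that was never a GObject; the hunk should read `g_clear_pointer(&def, virDomainDefFree);` instead. A second issue in the same hunk: `def` is assigned by `virDomainDefIDsParseString()` and then the ACL failure path does a bare `return NULL;`, which leaks that allocation unless `def` is declared with `g_autoptr()` (the declaration is outside the visible lines); if it is not, that path should free `def` (or jump to the function's cleanup label) before returning, and it is worth rechecking the same early-return pattern in the other patches of the series that the reply refers to.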
Well, that's a stupid mistake, thanks for catching that. Fixed locally.
