On 3/9/21 3:56 PM, Daniel P. Berrangé wrote:
On Tue, Mar 09, 2021 at 03:26:22PM +0100, Michal Privoznik wrote:
The qemu_shim (compiled into virt-qemu-run-binary) reads several
files provided by user (XML definition of secret, value of the
secret, XML definition of domain) and it does so using
On Tue, Mar 09, 2021 at 03:26:22PM +0100, Michal Privoznik wrote:
> The qemu_shim (compiled into virt-qemu-run-binary) reads several
> files provided by user (XML definition of secret, value of the
> secret, XML definition of domain) and it does so using
> g_file_get_contents(). This is
The qemu_shim (compiled into virt-qemu-run-binary) reads several
files provided by user (XML definition of secret, value of the
secret, XML definition of domain) and it does so using
g_file_get_contents(). This is potentially dangerous, because
there is no limit on the size of files/buffers.