Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,027 Commits 1 Branch 0 Tags 6.4 MiB
11b8f9be20
Commit Graph

4 Commits

Author SHA1 Message Date
Vincent Penquerc'h
a4b3a0c955 qopen-in-vm: ensure we can't mistake a non empty file for an empty one 
st_size is off_t, which may be larger than int.
 2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
38c0ea3128 qopen-in-vm: fix read overflow 
That one would also send more data to the other VM that what we
intended: the start of the env var data (which in similar code
on my host includes the GPG agent socket path, XDG session cookie,
and more.

The other side expects a fixed size though, so pad with NULs.

Interestingly, the original code was not vulnerable as it was
callocing enough space.
 2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
5af6f0ff7f qopen-in-vm: close output when we're done writing to it 2014-01-06 17:57:40 +01:00
Marek Marczykowski
7686fd5d92 The Underscores Revolution: RPC services 2013-03-14 04:25:31 +01:00