Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rebased: Various security and functionality related bugfixes (multiple DoS, memory leaks) #200

Merged
merged 9 commits into from Jul 22, 2017
fixed local DoS when UnregisterHandler was called for a not existing …
…handler

Any user with DBUS access could cause a SEGFAULT in tcmu-runner by
running something like this:

dbus-send --system --print-reply --dest=org.kernel.TCMUService1 /org/kernel/TCMUService1/HandlerManager1 org.kernel.TCMUService1.HandlerManager1.UnregisterHandler string:123
  • Loading branch information
mgerstner committed Jul 18, 2017
commit e2d953050766ac538615a811c64b34358614edce
2 changes: 1 addition & 1 deletion main.c
Expand Up @@ -386,7 +386,7 @@ on_unregister_handler(TCMUService1HandlerManager1 *interface,
gpointer user_data)
{
struct tcmur_handler *handler = find_handler_by_subtype(subtype);
struct dbus_info *info = handler->opaque;
struct dbus_info *info = handler ? handler->opaque : NULL;

if (!handler) {
g_dbus_method_invocation_return_value(invocation,
Expand Down