From: | Paolo Bonzini |
Subject: | [Qemu-devel] Re: [FOR 0.12][PATCH] monitor: Accept input only byte-wise |
Date: | Fri, 16 Apr 2010 16:57:41 +0200 |
User-agent: | Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.8) Gecko/20100301 Fedora/3.0.3-1.fc12 Lightning/1.0b2pre Thunderbird/3.0.3 |
On 04/16/2010 03:17 PM, Daniel P. Berrange wrote:
> On Fri, Apr 16, 2010 at 01:14:11PM +0200, Paolo Bonzini wrote:
>>> The QEMU code appears to be written to assume that it will recvmsg() a complete monitor command in one go + process that, because it closes the FD the moment the data from any recvmsg() is dealt with.
>>
>> This is buggy anyway. This should fix it too:
>
> Yep, this makes it work too, but if a client is evil they could pass a FD to qemu with any other non-getfd command & it'd remain open for ever. Probably not important though.
No, it wouldn't: outside the part that I patched there is this:

    if (s->msgfd != -1)
        close(s->msgfd);
    s->msgfd = fd;

Only one file descriptor could "leak".

Paolo
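The bound described in the message above, as an added example that is not part of the original e-mail or of QEMU: a receiver that keeps a single pending-descriptor slot and closes the old fd whenever a new one arrives over SCM_RIGHTS holds one descriptor no matter how many the peer passes. The names `chan_state`, `send_fd`, `recv_into_slot`, `count_open` and `held_after` are hypothetical, and the check assumes descriptors below 256.

```c
/* Added illustration: every name is hypothetical; this is not QEMU code. */
#include <fcntl.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
struct chan_state { int msgfd; };   /* -1 means no descriptor is pending */
union ctl { char buf[CMSG_SPACE(sizeof(int))]; struct cmsghdr align; };
/* Client side: one command byte plus one descriptor (SCM_RIGHTS). */
static int send_fd(int sock, int fd) {
    char byte = 'x'; union ctl c = { { 0 } }; struct iovec iov = { &byte, 1 };
    struct msghdr m = { .msg_iov = &iov, .msg_iovlen = 1,
                        .msg_control = c.buf, .msg_controllen = sizeof(c.buf) };
    struct cmsghdr *h = CMSG_FIRSTHDR(&m);
    h->cmsg_level = SOL_SOCKET; h->cmsg_type = SCM_RIGHTS;
    h->cmsg_len = CMSG_LEN(sizeof(int)); memcpy(CMSG_DATA(h), &fd, sizeof(int));
    return sendmsg(sock, &m, 0) == 1 ? 0 : -1;
}
/* Server side: a newly passed descriptor displaces the unclaimed one. */
static int recv_into_slot(int sock, struct chan_state *s) {
    char byte; int fd; union ctl c = { { 0 } }; struct iovec iov = { &byte, 1 };
    struct msghdr m = { .msg_iov = &iov, .msg_iovlen = 1,
                        .msg_control = c.buf, .msg_controllen = sizeof(c.buf) };
    if (recvmsg(sock, &m, 0) != 1) return -1;
    for (struct cmsghdr *h = CMSG_FIRSTHDR(&m); h; h = CMSG_NXTHDR(&m, h)) {
        if (h->cmsg_level != SOL_SOCKET || h->cmsg_type != SCM_RIGHTS) continue;
        memcpy(&fd, CMSG_DATA(h), sizeof(int));
        if (s->msgfd != -1)
            close(s->msgfd);        /* same pattern as quoted in the message */
        s->msgfd = fd;
    }
    return 0;
}
static int count_open(void) {       /* open descriptors in the range 0..255 */
    int n = 0;
    for (int fd = 0; fd < 256; fd++) n += fcntl(fd, F_GETFD) != -1;
    return n;
}
/* Pass n descriptors, never claim one; return how many extra stay open. */
int held_after(int n) {
    int sv[2]; struct chan_state s = { -1 };
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv)) return -1;
    int before = count_open();
    for (int i = 0; i < n; i++)
        if (send_fd(sv[0], sv[0]) || recv_into_slot(sv[1], &s)) return -1;
    int held = count_open() - before;
    if (s.msgfd != -1) close(s.msgfd);
    close(sv[0]); close(sv[1]);
    return held;
}
```

Removing the `close(s->msgfd)` branch makes `held_after(n)` grow with `n`, which is the unbounded case the quoted concern describes.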