Google Git
Sign in
qemu / qemu / 00ed8a3459869f46dbb4e18d4dcc81882dfe8776
commit00ed8a3459869f46dbb4e18d4dcc81882dfe8776[log] [tgz]
authorLaurent Vivier <laurent@vivier.eu>Tue Sep 27 14:43:57 2022 +0200
committerLaurent Vivier <laurent@vivier.eu>Fri Oct 21 17:46:19 2022 +0200
tree9909762e4f82dfb55374ee20d3ecea8596e55f29
parentf07eb1c4f805c0dcc14dd69fee49b601ce0b2d2c [diff]
linux-user: don't use AT_EXECFD in do_openat()

AT_EXECFD gives access to the binary file even if
it is not readable (only executable).

Moreover it can be opened with flags and mode that are not the ones
provided by do_openat() caller.

And it is not available because loader_exec() has closed it.

To avoid that, use only safe_openat() with the exec_path.

Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220927124357.688536-3-laurent@vivier.eu>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
1 file changed
tree: 9909762e4f82dfb55374ee20d3ecea8596e55f29
  1. .github/
  2. .gitlab/
  3. .gitlab-ci.d/
  4. accel/
  5. audio/
  6. authz/
  7. backends/
  8. block/
  9. bsd-user/
  10. chardev/
  11. common-user/
  12. configs/
  13. contrib/
  14. crypto/
  15. disas/
  16. docs/
  17. dump/
  18. ebpf/
  19. fpu/
  20. fsdev/
  21. gdb-xml/
  22. gdbstub/
  23. hw/
  24. include/
  25. io/
  26. libdecnumber/
  27. linux-headers/
  28. linux-user/
  29. migration/
  30. monitor/
  31. nbd/
  32. net/
  33. pc-bios/
  34. plugins/
  35. po/
  36. python/
  37. qapi/
  38. qga/
  39. qobject/
  40. qom/
  41. replay/
  42. roms/
  43. scripts/
  44. scsi/
  45. semihosting/
  46. softmmu/
  47. storage-daemon/
  48. stubs/
  49. subprojects/
  50. target/
  51. tcg/
  52. tests/
  53. tools/
  54. trace/
  55. ui/
  56. util/
  57. dtc
  58. meson
  59. .cirrus.yml
  60. .dir-locals.el
  61. .editorconfig
  62. .exrc
  63. .gdbinit
  64. .gitattributes
  65. .gitignore
  66. .gitlab-ci.yml
  67. .gitmodules
  68. .gitpublish
  69. .mailmap
  70. .patchew.yml
  71. .readthedocs.yml
  72. .travis.yml
  73. block.c
  74. blockdev-nbd.c
  75. blockdev.c
  76. blockjob.c
  77. configure
  78. COPYING
  79. COPYING.LIB
  80. cpu.c
  81. cpus-common.c
  82. disas.c
  83. event-loop-base.c
  84. gitdm.config
  85. hmp-commands-info.hx
  86. hmp-commands.hx
  87. iothread.c
  88. job-qmp.c
  89. job.c
  90. Kconfig
  91. Kconfig.host
  92. LICENSE
  93. MAINTAINERS
  94. Makefile
  95. memory_ldst.c.inc
  96. meson.build
  97. meson_options.txt
  98. module-common.c
  99. os-posix.c
  100. os-win32.c
  101. page-vary-common.c
  102. page-vary.c
  103. qemu-bridge-helper.c
  104. qemu-edid.c
  105. qemu-img-cmds.hx
  106. qemu-img.c
  107. qemu-io-cmds.c
  108. qemu-io.c
  109. qemu-keymap.c
  110. qemu-nbd.c
  111. qemu-options.hx
  112. qemu.nsi
  113. qemu.sasl
  114. README.rst
  115. replication.c
  116. trace-events
  117. VERSION
  118. version.rc