File CVE-2017-10664-qemut-nbd-ignore-sigpipe.patch of Package xen.openSUSE_Leap_42.3_Update

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2017-10664-qemut-nbd-ignore-sigpipe.patch of Package xen.openSUSE_Leap_42.3_Update

References: bsc#1046637 CVE-2017-10664

Subject: qemu-nbd: Ignore SIGPIPE
From: Max Reitz mreitz@redhat.com Sun Jun 11 14:37:14 2017 +0200
Date: Thu Jun 15 11:04:05 2017 +0200:
Git: 041e32b8d9d076980b4e35317c0339e57ab888f1

qemu proper has done so for 13 years
(8a7ddc38a60648257dc0645ab4a05b33d6040063), qemu-img and qemu-io have
done so for four years (526eda14a68d5b3596be715505289b541288ef2a).
Ignoring this signal is especially important in qemu-nbd because
otherwise a client can easily take down the qemu-nbd server by dropping
the connection when the server wants to send something, for example:

$ qemu-nbd -x foo -f raw -t null-co:// &
[1] 12726
$ qemu-io -c quit nbd://localhost/bar
can't open device nbd://localhost/bar: No export with name 'bar' available
[1]  + 12726 broken pipe  qemu-nbd -x foo -f raw -t null-co://

In this case, the client sends an NBD_OPT_ABORT and closes the
connection (because it is not required to wait for a reply), but the
server replies with an NBD_REP_ACK (because it is required to reply).

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <20170611123714.31292-1-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Index: xen-4.9.0-testing/tools/qemu-xen-traditional-dir-remote/qemu-nbd.c
===================================================================
--- xen-4.9.0-testing.orig/tools/qemu-xen-traditional-dir-remote/qemu-nbd.c
+++ xen-4.9.0-testing/tools/qemu-xen-traditional-dir-remote/qemu-nbd.c
@@ -225,6 +225,9 @@ int main(int argc, char **argv)
     int nb_fds = 0;
     int max_fd;
     int persistent = 0;
+#ifdef CONFIG_POSIX
+    signal(SIGPIPE, SIG_IGN);
+#endif
 
     while ((ch = getopt_long(argc, argv, sopt, lopt, &opt_ind)) != -1) {
         switch (ch) {

Places

File CVE-2017-10664-qemut-nbd-ignore-sigpipe.patch of Package xen.openSUSE_Leap_42.3_Update

Places