[Spice-devel] [PATCH spice-protocol] stream-device: Specify how padding shoud be inside new structures
Frediano Ziglio
fziglio at redhat.com
Tue Feb 27 17:29:13 UTC 2018
>
> > On 23 Feb 2018, at 11:11, Frediano Ziglio <fziglio at redhat.com> wrote:
> >
> > Depending on how structures are initialised in the code is
> > possible that implicit padding bytes are not initialised
> > causing possible information leaks as the entire structure
> > with all padding is sent through device/network.
> >
> > Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
> > ---
> > spice/stream-device.h | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/spice/stream-device.h b/spice/stream-device.h
> > index 2e7c50e..b2f83b5 100644
> > --- a/spice/stream-device.h
> > +++ b/spice/stream-device.h
> > @@ -48,6 +48,8 @@
> > * containing integers up to 64 bit.
> > * All numbers are in little endian format.
> > *
> > + * For security reasons structures should not contain implicit paddings.
>
> Acked-by: Christophe de Dinechin <dinechin at redhat.com>
>
> > + *
> > * The protocol can be defined by these states:
> > * - Initial. Device just opened. Guest should wait
> > * for a message from the host;
I actually nack myself. "naturally aligned" already requires this so
this is not adding much but only confusing, unless was an explanation
for the terminology which indeed is not common.
Frediano
More information about the Spice-devel
mailing list