From: Daniel P. Berrange <berrange@redhat.com>
Date: Fri, 9 Aug 2013 16:25:47 +0000 (+0100)
Subject: Make check for /dev/loop device names stricter to avoid /dev/loop-control
X-Git-Tag: CVE-2013-5651~46
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=68a9637b2c0655c23713965f6444f66af95fbff3;p=thirdparty%2Flibvirt.git

Make check for /dev/loop device names stricter to avoid /dev/loop-control

Recentish (2011) kernels introduced a new device called /dev/loop-control,
which causes libvirt's detection of loop devices to get confused
since it only checks for a prefix of 'loop'. Also check that the
next character is a digit

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---

diff --git a/src/util/virfile.c b/src/util/virfile.c
index 8f0eec3d64..2b07ac9255 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -546,7 +546,11 @@ static int virFileLoopDeviceOpen(char **dev_name)
 
     errno = 0;
     while ((de = readdir(dh)) != NULL) {
-        if (!STRPREFIX(de->d_name, "loop"))
+        /* Checking 'loop' prefix is insufficient, since
+         * new kernels have a dev named 'loop-control'
+         */
+        if (!STRPREFIX(de->d_name, "loop") ||
+            !c_isdigit(de->d_name[4]))
             continue;
 
         if (virAsprintf(&looppath, "/dev/%s", de->d_name) < 0)