We have discovered a bug in the qubes-core-appvm package that affects
inter-VM file copy (as implemented by the qvm-copy-to-vm utility, or from the
nautilus GUI via RightClick->scripts->Copy to other AppVM). In certain rare
circumstances, the inter-VM copy operation may transfer a file incorrectly;
more precisely, the destination file may be truncated.
The following conditions are required for the bug to manifest itself:
1) There is data in File Sender's socket [output] buffer
2) File Sender process exits
3) The File Receiver's socket [input] buffer is full
In these circumstances, because of incorrect logic in qrexec_daemon, the
flushing of the Sender's remaining data is not completed after the Sender
exits; as a result, the Receiver is given a truncated file.
The bug has been fixed in the commit viewable at
http://git.qubes-os.org/?p=joanna/core.git;a=commit;h=e7d2eefecdbe80908db85805bc4b0700502109d5
It is advisable to update the qubes-core-appvm package to version 1.5.28 in
all template and standalone VMs. Additionally, we have added a redundant
checksum verification in all file copy operations, in order to catch any
further potential bugs in the file copy protocol.
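The following is an added illustration, not code from qubes-core-appvm or
qrexec_daemon. It is a small Python model of the three conditions listed above
and of the checksum check described in the previous paragraph. A sender hands a
constructed payload to its socket output buffer in pieces and exits; a relay
daemon forwards data into a receiver whose input buffer has a fixed capacity
and is only drained every few ticks, so it is full at the moment the sender
exits. The buggy daemon (flush_after_exit=False) closes the connection as soon
as it learns the sender exited and so drops what it could not yet forward; the
fixed daemon keeps forwarding until nothing is pending. The buffer sizes,
tick-based scheduling and the "close on sender exit" modelling of the bug are
assumptions for illustration, not the daemon's actual code. An end-to-end
SHA-256 comparison, standing in for the redundant checksum verification
mentioned above, catches the truncation either way.

```python
import hashlib

SENDER_WRITE = 32   # bytes the sender hands to its socket output buffer per tick (assumed)
DAEMON_WRITE = 32   # bytes the daemon tries to forward per tick (assumed)
PAYLOAD = bytes(range(200))   # constructed file contents for the example


def relay(payload, receiver_capacity, drain_every, flush_after_exit):
    """Model of a relay daemon copying `payload` from a sender to a receiver.

    sender_out  - the sender's socket [output] buffer
    recv_buf    - the receiver's socket [input] buffer (capacity-limited)
    received    - bytes the receiver has actually consumed
    Returns the bytes the receiver ends up with after the daemon closes.
    """
    sender_out = bytearray()
    sender_pos = 0
    sender_exited = False
    recv_buf = bytearray()
    received = bytearray()
    tick = 0
    closed = False
    while not closed:
        tick += 1
        # 1. The sender pushes its next piece and exits once the whole payload
        #    has been handed to the kernel (condition 2).
        if not sender_exited:
            piece = payload[sender_pos:sender_pos + SENDER_WRITE]
            sender_out += piece
            sender_pos += len(piece)
            if sender_pos >= len(payload):
                sender_exited = True
        # 2. The receiving process only drains its input buffer every
        #    `drain_every` ticks, so the buffer can be full (condition 3).
        if tick % drain_every == 0:
            received += recv_buf
            recv_buf.clear()
        # 3. The daemon forwards as much as the receiver's buffer has room for;
        #    whatever does not fit stays in the sender's buffer (condition 1).
        room = receiver_capacity - len(recv_buf)
        n = min(room, len(sender_out), DAEMON_WRITE)
        recv_buf += sender_out[:n]
        del sender_out[:n]
        # 4. How the daemon reacts to the sender's exit is the whole difference.
        if sender_exited:
            if flush_after_exit:
                closed = not sender_out   # fixed: loop until nothing is pending
            else:
                closed = True             # buggy: close now, pending data is lost
        if tick > 10_000:
            raise RuntimeError("simulation did not terminate")
    # The receiver consumes whatever was delivered before the close.
    received += recv_buf
    return bytes(received)


def copy_file(payload, flush_after_exit, receiver_capacity=48, drain_every=3):
    """Run one copy and verify it with a redundant end-to-end SHA-256 check.

    Returns (received_bytes, checksum_ok). The receiver compares the digest of
    what it got with the digest the sender computed over the original file.
    """
    sender_digest = hashlib.sha256(payload).hexdigest()
    received = relay(payload, receiver_capacity, drain_every, flush_after_exit)
    checksum_ok = hashlib.sha256(received).hexdigest() == sender_digest
    return received, checksum_ok


if __name__ == "__main__":
    for mode in (False, True):
        data, ok = copy_file(PAYLOAD, flush_after_exit=mode)
        print(f"flush_after_exit={mode}: got {len(data)}/{len(PAYLOAD)} bytes, checksum_ok={ok}")
```

With the assumed sizes, the buggy daemon learns of the exit on a tick where the
receiver's 48-byte buffer is full and 56 bytes are still queued, so the
receiver ends up with 144 of 200 bytes and the checksum comparison fails; the
fixed daemon delivers all 200 bytes and the checksums match. The checksum does
not prevent truncation, it only guarantees that a truncated copy is detected
rather than silently accepted.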
This bug is not security-related, it is a reliability issue.
RW