Bug 1609779 - Unquoted Service Paths Windows guest tools
Summary: Unquoted Service Paths Windows guest tools
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: ovirt-guest-tools
Classification: oVirt
Component: Packaging.installer
Version: 4.2-1
Hardware: x86_64
OS: Windows
unspecified
high
Target Milestone: ovirt-4.2.6
: ---
Assignee: Sandro Bonazzola
QA Contact: Petr Matyáš
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-07-30 12:32 UTC by Doron Fediuck
Modified: 2019-04-28 08:39 UTC (History)
6 users (show)

Fixed In Version: ovirt-wgt-4.2-3
Clone Of:
: 1609820 (view as bug list)
Environment:
Last Closed: 2018-09-03 15:07:24 UTC
oVirt Team: Integration
Embargoed:
rule-engine: ovirt-4.2+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1609820 0 unspecified CLOSED Unquoted Service Paths Windows guest tools 2021-02-22 00:41:40 UTC
oVirt gerrit 93626 0 ovirt-wgt-4.2 MERGED Properly quote path to service binaries 2018-08-12 09:22:35 UTC
oVirt gerrit 95676 0 master MERGED Properly quote path to service binaries 2018-11-23 11:13:18 UTC

Internal Links: 1609820

Description Doron Fediuck 2018-07-30 12:32:38 UTC 
Description of problem:
This was reported by a community user, and examined with the SRT representative to be a hardening issue and not security issue;

The services ovirt installs don't have quoted binary paths, as you can see bellow.

  OVirtGuestService : C:\Program Files (x86)\oVirt Guest Tools\OVirtGuestService.exe
  vdservice : C:\Program Files (x86)\oVirt Guest Tools\64\vdservice.exe
  BalloonService : C:\Program Files (x86)\oVirt Guest Tools\drivers\Balloon\2k12r2\amd64\blnsvr.exe

Version-Release number of selected component (if applicable):
ovirt-guest-tools-iso-4.2-1.el7.centos

Actual results:
Unquoted path with space for guest binaries.

Expected results:
Quoted path being used.

Additional info:
For more information you can take a look at https://www.commonexploits.com/unquoted-service-paths/ and http://cwe.mitre.org/data/definitions/428.html
Comment 1 Sandro Bonazzola 2018-08-14 19:11:33 UTC 
Build is available in ovirt-4.2-pre repo: https://resources.ovirt.org/pub/ovirt-4.2-pre/iso/oVirt-toolsSetup/4.2-3.el7/oVirt-toolsSetup-4.2-3.el7.iso
Comment 2 Petr Matyáš 2018-08-15 10:04:26 UTC 
Verified on oVirt Guest Tools 4.2-3.el7

All paths are quoted correctly.
Note You need to log in before you can comment on or make changes to this bug.