Re: [libvirt] [PATCH 08/10] util: Introduce 'virpin' module for dealing with PIN numbers

Tue, 02 Apr 2019 06:25:31 -0700 

On Mon, Apr 01, 2019 at 03:04:59PM +0200, Peter Krempa wrote:

In https://www.redhat.com/archives/libvir-list/2019-February/msg01475.html
I was notified that I forgot to deal with the possibility that the JSON
number would contain jtomko's PIN number. I had to look around for a
leaked list of PIN numbers to avoid the problem described in the review.

This commit implements a checker which will allow deciding when to nuke
the JSON number string. We obviously have to spare a few CPU cycles to
make Jano feel safer.
---
src/libvirt_private.syms |    4 +
src/util/Makefile.inc.am |    2 +
src/util/virpin.c        | 1053 ++++++++++++++++++++++++++++++++++++++
src/util/virpin.h        |   30 ++
tests/utiltest.c         |   30 ++
5 files changed, 1119 insertions(+)
create mode 100644 src/util/virpin.c
create mode 100644 src/util/virpin.h



Sensible-chuckle-by: Ján Tomko <jto...@redhat.com>


+/* This is a list of leaked pin codes obtained from
+ * https://pastebin.com/2qbRKh3R which I've found on the dark web. */


I'm not sure merging this is acceptable w/r/t to D-C-O.


+static const char *virPinList[] = {


[...]


+"1190", "1191", "1192", "1193", "1194", "1195", "1196", "1197", "1198", "1199",
+"1200", "1201", "1202", "1203", "1204", "1205", "1206", "1207", "1208", "1209",
+"1210", "1211", "1212", "1213", "1214", "1215", "1216", "1217", "1218", "1219",
+"1220", "1221", "1222", "1223", "1224", "1225", "1226", "1227", "1228", "1229",
+"1230", "1231", "1232", "1233", "1234", "1235", "1236", "1237", "1238", "1239",

Oh, look, here it is!              ^^^^


+"1240", "1241", "1242", "1243", "1244", "1245", "1246", "1247", "1248", "1249",
+"1250", "1251", "1252", "1253", "1254", "1255", "1256", "1257", "1258", "1259",
+"1260", "1261", "1262", "1263", "1264", "1265", "1266", "1267", "1268", "1269",
+"1270", "1271", "1272", "1273", "1274", "1275", "1276", "1277", "1278", "1279",
+"1280", "1281", "1282", "1283", "1284", "1285", "1286", "1287", "1288", "1289",
+"1290", "1291", "1292", "1293", "1294", "1295", "1296", "1297", "1298", "1299",


Jano

Attachment: signature.asc
Description: PGP signature

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Reply via email to