From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Cc: Max Reitz <mreitz@redhat.com>
Subject: [Qemu-devel] [PULL 12/19] nbd: Drop unexpected data for NBD_OPT_LIST
Date: Wed, 18 Mar 2015 12:24:59 +0100 [thread overview]
Message-ID: <1426677906-51657-13-git-send-email-pbonzini@redhat.com> (raw)
In-Reply-To: <1426677906-51657-1-git-send-email-pbonzini@redhat.com>
From: Max Reitz <mreitz@redhat.com>
When requesting the list of exports, no data should be sent. If data is
sent, the NBD server should not just inform the client of the invalid
request, but also drop the data.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-Id: <1424887718-10800-22-git-send-email-mreitz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
nbd.c | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/nbd.c b/nbd.c
index 563e820..91b7d56 100644
--- a/nbd.c
+++ b/nbd.c
@@ -193,6 +193,26 @@ static ssize_t read_sync(int fd, void *buffer, size_t size)
return nbd_wr_sync(fd, buffer, size, true);
}
+static ssize_t drop_sync(int fd, size_t size)
+{
+ ssize_t ret, dropped = size;
+ uint8_t *buffer = g_malloc(MIN(65536, size));
+
+ while (size > 0) {
+ ret = read_sync(fd, buffer, MIN(65536, size));
+ if (ret < 0) {
+ g_free(buffer);
+ return ret;
+ }
+
+ assert(ret <= size);
+ size -= ret;
+ }
+
+ g_free(buffer);
+ return dropped;
+}
+
static ssize_t write_sync(int fd, void *buffer, size_t size)
{
int ret;
@@ -303,6 +323,9 @@ static int nbd_handle_list(NBDClient *client, uint32_t length)
csock = client->sock;
if (length) {
+ if (drop_sync(csock, length) != length) {
+ return -EIO;
+ }
return nbd_send_rep(csock, NBD_REP_ERR_INVALID, NBD_OPT_LIST);
}
--
2.3.0
next prev parent reply other threads:[~2015-03-18 11:26 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-18 11:24 [Qemu-devel] [PULL 00/19] Misc bugfixes for 2.3.0-rc1 Paolo Bonzini
2015-03-18 11:24 ` [Qemu-devel] [PULL 01/19] nbd: Fix overflow return value Paolo Bonzini
2015-03-18 11:24 ` [Qemu-devel] [PULL 02/19] util/uri: Add overflow check to rfc3986_parse_port Paolo Bonzini
2015-03-18 11:24 ` [Qemu-devel] [PULL 03/19] qemu-nbd: Detect unused partitions by system == 0 Paolo Bonzini
2015-03-18 11:24 ` [Qemu-devel] [PULL 04/19] nbd: Fix nbd_establish_connection()'s return value Paolo Bonzini
2015-03-18 11:24 ` [Qemu-devel] [PULL 05/19] nbd: Pass return value from nbd_handle_list() Paolo Bonzini
2015-03-18 11:24 ` [Qemu-devel] [PULL 06/19] nbd: Handle blk_getlength() failure Paolo Bonzini
2015-03-18 11:24 ` [Qemu-devel] [PULL 07/19] qemu-nbd: fork() can fail Paolo Bonzini
2015-03-18 11:24 ` [Qemu-devel] [PULL 08/19] nbd: Fix potential signed overflow issues Paolo Bonzini
2015-03-18 11:24 ` [Qemu-devel] [PULL 09/19] nbd: Set block size to BDRV_SECTOR_SIZE Paolo Bonzini
2015-03-18 11:24 ` [Qemu-devel] [PULL 10/19] nbd: Fix nbd_receive_options() Paolo Bonzini
2015-03-18 11:24 ` [Qemu-devel] [PULL 11/19] nbd: Fix interpretation of the export flags Paolo Bonzini
2015-03-18 11:24 ` Paolo Bonzini [this message]
2015-03-18 11:25 ` [Qemu-devel] [PULL 13/19] coroutine-io: Return -errno in case of error Paolo Bonzini
2015-03-18 11:25 ` [Qemu-devel] [PULL 14/19] build: pass .d file name to scripts/make_device_config.sh, fix makefile target Paolo Bonzini
2015-03-18 11:25 ` [Qemu-devel] [PULL 15/19] virtio-scsi: Fix assert in virtio_scsi_push_event Paolo Bonzini
2015-03-18 11:25 ` [Qemu-devel] [PULL 16/19] kvm: fix ioeventfd endianness on bi-endian architectures Paolo Bonzini
2015-03-23 8:50 ` Greg Kurz
2015-03-18 11:25 ` [Qemu-devel] [PULL 17/19] profiler: Reenable built-in profiler Paolo Bonzini
2015-03-18 11:25 ` [Qemu-devel] [PULL 18/19] virtio-scsi-dataplane: fix memory leak in virtio_scsi_vring_init Paolo Bonzini
2015-03-18 11:25 ` [Qemu-devel] [PULL 19/19] exec: Respect as_tranlsate_internal length clamp Paolo Bonzini
2015-03-19 11:12 ` [Qemu-devel] [PULL 00/19] Misc bugfixes for 2.3.0-rc1 Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1426677906-51657-13-git-send-email-pbonzini@redhat.com \
--to=pbonzini@redhat.com \
--cc=mreitz@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).