From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:36078)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <namei.unix@gmail.com>) id 1ZWaOW-0007P7-ES
	for qemu-devel@nongnu.org; Mon, 31 Aug 2015 21:29:53 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <namei.unix@gmail.com>) id 1ZWaOR-0000jH-El
	for qemu-devel@nongnu.org; Mon, 31 Aug 2015 21:29:52 -0400
Received: from mail-io0-x22f.google.com ([2607:f8b0:4001:c06::22f]:32970)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <namei.unix@gmail.com>) id 1ZWaOR-0000j9-9Z
	for qemu-devel@nongnu.org; Mon, 31 Aug 2015 21:29:47 -0400
Received: by iods203 with SMTP id s203so179088728iod.0
	for <qemu-devel@nongnu.org>; Mon, 31 Aug 2015 18:29:46 -0700 (PDT)
From: Liu Yuan <namei.unix@gmail.com>
Date: Tue,  1 Sep 2015 09:29:31 +0800
Message-Id: <1441070971-22535-1-git-send-email-namei.unix@gmail.com>
Subject: [Qemu-devel] [PATCH] sheepdog: discard the payload if the header is
	invalid
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: sheepdog-ng@googlegroups.com
Cc: Kevin Wolf <kwolf@redhat.com>, Jeff Cody <jcody@redhat.com>, qemu-devel@nongnu.org, Stefan Hajnoczi <stefanha@redhat.com>

From: Liu Yuan <liuyuan@cmss.chinamobile.com>

We need to discard the payload if we get a invalid header due to whatever reason
to avoid data stream curruption. For e.g., the response consists of header plus
data payload. If we simply read the header then the data payload is left in the
socket buffer and the next time we would read the garbage data and currupt the
whole connection.

Cc: qemu-devel@nongnu.org
Cc: Jeff Cody <jcody@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Liu Yuan <liuyuan@cmss.chinamobile.com>
---
 block/sheepdog.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/block/sheepdog.c b/block/sheepdog.c
index 9585beb..9ed3458 100644
--- a/block/sheepdog.c
+++ b/block/sheepdog.c
@@ -794,6 +794,14 @@ static void coroutine_fn aio_read_response(void *opaque)
         }
     }
     if (!aio_req) {
+        if (rsp.data_length) {
+            void *garbage = g_malloc(rsp.data_length);
+            ret = qemu_co_recv(fd, garbage, rsp.data_length);
+            if (ret != rsp.data_length) {
+                error_report("failed to discard the data, %s", strerror(errno));
+            }
+            g_free(garbage);
+        }
         error_report("cannot find aio_req %x", rsp.id);
         goto err;
     }
-- 
1.9.1