From: Markus Armbruster <armbru@redhat.com>
To: qemu-devel@nongnu.org
Cc: qemu-block@nongnu.org, kwolf@redhat.com,
mitake.hitoshi@lab.ntt.co.jp, namei.unix@gmail.com,
jcody@redhat.com
Subject: [Qemu-devel] [PATCH 01/15] sheepdog: Defuse time bomb in sd_open() error handling
Date: Thu, 2 Mar 2017 22:43:52 +0100 [thread overview]
Message-ID: <1488491046-2549-2-git-send-email-armbru@redhat.com> (raw)
In-Reply-To: <1488491046-2549-1-git-send-email-armbru@redhat.com>
When qemu_opts_absorb_qdict() fails, sd_open() closes stdin, because
sd->fd is still zero. Fortunately, qemu_opts_absorb_qdict() can't
fail, because:
1. it only fails when qemu_opt_parse() fails, and
2. the only member of runtime_opts.desc[] is a QEMU_OPT_STRING, and
3. qemu_opt_parse() can't fail for QEMU_OPT_STRING.
Defuse this ticking time bomb by jumping behind the file descriptor
cleanup on error.
Also do that for the error paths where sd->fd is still -1. The file
descriptor cleanup happens to do nothing then, but let's not rely on
that here.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
---
block/sheepdog.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/block/sheepdog.c b/block/sheepdog.c
index 860ba61..fe15723 100644
--- a/block/sheepdog.c
+++ b/block/sheepdog.c
@@ -1392,7 +1392,7 @@ static int sd_open(BlockDriverState *bs, QDict *options, int flags,
if (local_err) {
error_propagate(errp, local_err);
ret = -EINVAL;
- goto out;
+ goto out_no_fd;
}
filename = qemu_opt_get(opts, "filename");
@@ -1412,12 +1412,12 @@ static int sd_open(BlockDriverState *bs, QDict *options, int flags,
}
if (ret < 0) {
error_setg(errp, "Can't parse filename");
- goto out;
+ goto out_no_fd;
}
s->fd = get_sheep_fd(s, errp);
if (s->fd < 0) {
ret = s->fd;
- goto out;
+ goto out_no_fd;
}
ret = find_vdi_name(s, vdi, snapid, tag, &vid, true, errp);
@@ -1472,6 +1472,7 @@ out:
if (s->fd >= 0) {
closesocket(s->fd);
}
+out_no_fd:
qemu_opts_del(opts);
g_free(buf);
return ret;
--
2.7.4
next prev parent reply other threads:[~2017-03-02 21:44 UTC|newest]
Thread overview: 61+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-02 21:43 [Qemu-devel] [PATCH 00/15] block: A bunch of fixes for Sheepdog and Gluster Markus Armbruster
2017-03-02 21:43 ` Markus Armbruster [this message]
2017-03-02 22:46 ` [Qemu-devel] [PATCH 01/15] sheepdog: Defuse time bomb in sd_open() error handling Eric Blake
2017-03-03 5:18 ` Markus Armbruster
2017-03-02 21:43 ` [Qemu-devel] [PATCH 02/15] sheepdog: Fix error handling in sd_snapshot_delete() Markus Armbruster
2017-03-02 23:13 ` Eric Blake
2017-03-03 5:22 ` Markus Armbruster
2017-03-03 13:07 ` Kevin Wolf
2017-03-03 13:31 ` Markus Armbruster
2017-03-02 21:43 ` [Qemu-devel] [PATCH 03/15] sheepdog: Fix error handling sd_create() Markus Armbruster
2017-03-02 23:16 ` Eric Blake
2017-03-03 0:07 ` Philippe Mathieu-Daudé
2017-03-03 13:13 ` Kevin Wolf
2017-03-02 21:43 ` [Qemu-devel] [PATCH 04/15] sheepdog: Mark sd_snapshot_delete() lossage FIXME Markus Armbruster
2017-03-02 23:18 ` Eric Blake
2017-03-02 21:43 ` [Qemu-devel] [PATCH 05/15] sheepdog: Fix snapshot ID parsing in _open(), _create, _goto() Markus Armbruster
2017-03-02 23:30 ` Eric Blake
2017-03-03 13:25 ` Kevin Wolf
2017-03-03 13:41 ` Markus Armbruster
2017-03-02 21:43 ` [Qemu-devel] [PATCH 06/15] sheepdog: Don't truncate long VDI name in _open(), _create() Markus Armbruster
2017-03-02 23:32 ` Eric Blake
2017-03-03 0:25 ` Philippe Mathieu-Daudé
2017-03-03 5:21 ` Markus Armbruster
2017-03-03 5:21 ` Markus Armbruster
2017-03-03 0:10 ` Philippe Mathieu-Daudé
2017-03-02 21:43 ` [Qemu-devel] [PATCH 07/15] sheepdog: Report errors in pseudo-filename more usefully Markus Armbruster
2017-03-03 13:36 ` Kevin Wolf
2017-03-03 14:53 ` Markus Armbruster
2017-03-03 13:49 ` Kevin Wolf
2017-03-03 14:57 ` Markus Armbruster
2017-03-02 21:43 ` [Qemu-devel] [PATCH 08/15] sheepdog: Use SocketAddress and socket_connect() Markus Armbruster
2017-03-03 13:47 ` Kevin Wolf
2017-03-02 21:44 ` [Qemu-devel] [PATCH 09/15] sheepdog: Implement bdrv_parse_filename() Markus Armbruster
2017-03-03 20:17 ` Eric Blake
2017-03-02 21:44 ` [Qemu-devel] [PATCH 10/15] gluster: Drop assumptions on SocketTransport names Markus Armbruster
2017-03-03 6:40 ` [Qemu-devel] [Qemu-block] " Niels de Vos
2017-03-03 7:31 ` Markus Armbruster
2017-03-02 21:44 ` [Qemu-devel] [PATCH 11/15] gluster: Don't duplicate qapi-util.c's qapi_enum_parse() Markus Armbruster
2017-03-03 6:35 ` [Qemu-devel] [Qemu-block] " Niels de Vos
2017-03-02 21:44 ` [Qemu-devel] [PATCH 12/15] gluster: Plug memory leaks in qemu_gluster_parse_json() Markus Armbruster
2017-03-03 7:11 ` [Qemu-devel] [Qemu-block] " Niels de Vos
2017-03-03 7:38 ` Markus Armbruster
2017-03-03 8:17 ` Niels de Vos
2017-03-03 8:35 ` Markus Armbruster
2017-03-03 17:06 ` Niels de Vos
2017-03-02 21:44 ` [Qemu-devel] [PATCH 13/15] qapi-schema: Rename GlusterServer to SocketAddressFlat Markus Armbruster
2017-03-03 16:31 ` Eric Blake
2017-03-03 17:05 ` Markus Armbruster
2017-03-03 18:33 ` Eric Blake
2017-03-02 21:44 ` [Qemu-devel] [PATCH 14/15] qapi-schema: Rename SocketAddressFlat's variant tcp to inet Markus Armbruster
2017-03-03 18:35 ` Eric Blake
2017-03-03 20:03 ` Markus Armbruster
2017-03-06 15:00 ` Markus Armbruster
2017-03-02 21:44 ` [Qemu-devel] [PATCH 15/15] sheepdog: Support blockdev-add Markus Armbruster
2017-03-03 18:42 ` Eric Blake
2017-03-02 23:35 ` [Qemu-devel] [PATCH 00/15] block: A bunch of fixes for Sheepdog and Gluster Eric Blake
2017-03-03 5:39 ` Markus Armbruster
2017-03-03 16:27 ` Eric Blake
2017-03-03 17:14 ` Peter Maydell
2017-03-03 18:37 ` Markus Armbruster
2017-03-03 18:50 ` Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1488491046-2549-2-git-send-email-armbru@redhat.com \
--to=armbru@redhat.com \
--cc=jcody@redhat.com \
--cc=kwolf@redhat.com \
--cc=mitake.hitoshi@lab.ntt.co.jp \
--cc=namei.unix@gmail.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).