[Libguestfs] [nbdkit PATCH v2 1/7] server: Reject -e with too long of a name

Eric Blake eblake at redhat.com
Sat Sep 28 04:48:43 UTC 2019 

The NBD protocol requires strings to be capped at 4k; we violated that
if the client requests NBD_OPT_LIST but the command line provided too
long of a string.

The protocol also requires that strings be valid UTF-8, but for now,
we are accepting any byte sequence.

However, we still need another patch before the test is fully
complete: qemu-nbd --list wants to send a valid NBD_OPT_INFO with
length longer than we currently permit.

Signed-off-by: Eric Blake <eblake at redhat.com>
---
 server/main.c           |  6 ++++
 tests/Makefile.am       |  2 ++
 tests/test-long-name.sh | 65 +++++++++++++++++++++++++++++++++++++++++
 3 files changed, 73 insertions(+)
 create mode 100755 tests/test-long-name.sh

diff --git a/server/main.c b/server/main.c
index 975716dc..56231497 100644
--- a/server/main.c
+++ b/server/main.c
@@ -51,6 +51,7 @@
 #include <dlfcn.h>

 #include "internal.h"
+#include "nbd-protocol.h"
 #include "options.h"
 #include "exit-with-parent.h"

@@ -330,6 +331,11 @@ main (int argc, char *argv[])

     case 'e':
       exportname = optarg;
+      if (strnlen (exportname, NBD_MAX_STRING + 1) > NBD_MAX_STRING) {
+        nbdkit_error ("export name too long");
+        exit (EXIT_FAILURE);
+      }
+      /* TODO: Check that name is valid UTF-8? */
       newstyle = true;
       break;

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 7d254be9..046e219a 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -79,6 +79,7 @@ EXTRA_DIST = \
 	test-linuxdisk.sh \
 	test-linuxdisk-copy-out.sh \
 	test-log.sh \
+	test-long-name.sh \
 	test.lua \
 	test-memory-largest.sh \
 	test-memory-largest-for-qemu.sh \
@@ -198,6 +199,7 @@ TESTS += \
 	test-socket-activation \
 	test-foreground.sh \
 	test-debug-flags.sh \
+	test-long-name.sh \
 	$(NULL)

 check_PROGRAMS += \
diff --git a/tests/test-long-name.sh b/tests/test-long-name.sh
new file mode 100755
index 00000000..214a5e7a
--- /dev/null
+++ b/tests/test-long-name.sh
@@ -0,0 +1,65 @@
+#!/usr/bin/env bash
+# nbdkit
+# Copyright (C) 2019 Red Hat Inc.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# * Neither the name of Red Hat nor the names of its contributors may be
+# used to endorse or promote products derived from this software without
+# specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY RED HAT AND CONTRIBUTORS ''AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+# PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+
+source ./functions.sh
+set -e
+set -x
+
+fail=0
+
+# Test handling of NBD maximum string length of 4k.
+
+requires qemu-nbd --version
+
+name16=1234567812345678
+name64=$name16$name16$name16$name16
+name256=$name64$name64$name64$name64
+name1k=$name256$name256$name256$name256
+name4k=$name1k$name1k$name1k$name1k
+almost4k=${name4k%8$name16}
+
+# Test behavior of -e: accept 4k max, reject longer
+nbdkit -U - -e $name4k null --run true || fail=1
+nbdkit -U - -e a$name4k null --run true && fail=1
+
+# The rest of this test uses the ‘qemu-nbd --list’ option added in qemu 4.0.
+if ! qemu-nbd --help | grep -sq -- --list; then
+    echo "$0: skipping because qemu-nbd does not support the --list option"
+    exit 77
+fi
+
+# Test response to NBD_OPT_LIST
+nbdkit -U - -e $almost4k null --run 'qemu-nbd --list -k $unixsocket' || fail=1
+# FIXME: Right now, we can't accept full 4k length - this should succeed
+nbdkit -U - -e $name4k null --run 'qemu-nbd --list -k $unixsocket' && fail=1
+
+exit $fail
-- 
2.21.0

More information about the Libguestfs mailing list