[Libguestfs] [libnbd PATCH v2 5/5] copy: CVE-2022-0485: Fail nbdcopy if NBD read or write fails

[Richard W.M. Jones]

On Fri, Feb 04, 2022 at 08:44:00AM -0600, Eric Blake wrote:
> On Fri, Feb 04, 2022 at 10:09:26AM +0100, Laszlo Ersek wrote:
> > On 02/03/22 21:25, Eric Blake wrote:
> > > nbdcopy has a nasty bug when performing multi-threaded copies using
> > > asynchronous nbd calls - it was blindly treating the completion of an
> > > asynchronous command as successful, rather than checking the *error
> > > parameter.  This can result in the silent creation of a corrupted
> > > image in two different ways: when a read fails, we blindly wrote
> > > garbage to the destination; when a write fails, we did not flag that
> > > the destination was not written.
> > > 
> > > +  /* XXX - is it worth retrying a failed command? */
> > > +  if (*error) {
> > > +    fprintf (stderr, "read at offset 0x%" PRIx64 "failed: %s\n",
> > 
> > Like Nir said, it should be '" failed..."'. (I'm neutral on PRIx64 vs.
> > PRIu64.)
> > 
> > Reviewed-by: Laszlo Ersek <lersek at redhat.com>
> > 
> > Thanks
> > Laszlo
> 
> Now pushed upstream as a865526..8d444b4, with tweaks to patches 1 and
> 5 content and patch 4 commit message per review comments.
> 
> I'm starting the backport process to stable branches, and will
> followup with a top-level post as the security announcement (although
> given my schedule today, the announcement may be delayed to Monday).

I'll do the RHEL bugs once I see your backports to the stable branches.

(This is assuming that if a second CVE is filed we'll treat it as a
separate set of work.)

Thanks for the huge amount of work on this one.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
Fedora Windows cross-compiler. Compile Windows programs, test, and
build Windows installers. Over 100 libraries supported.
http://fedoraproject.org/wiki/MinGW