[Libguestfs] [libnbd PATCH v2 2/8] python: Plug uninit leak in nbd.Buffer.to_bytearray
Eric Blake
eblake at redhat.com
Tue Jun 7 14:06:38 UTC 2022
On Mon, Jun 06, 2022 at 09:08:27PM -0500, Eric Blake wrote:
>
> The solution employed here is to mark when a buffer has been
> initialized, in nbd.Buffer.from_bytearray() and
> h.aio_pread[_structured], as well as force-initialize an uninitialized
> buffer before b.to_bytearray() or h.aio_pwrite. Furthermore, we can
> make b.is_zero() pretend an uninitialized buffer is all zeroes (since
> the user can no longer easily get at any other contents).
>
> @@ -288,7 +295,7 @@ nbd_internal_py_aio_buffer_is_zero (PyObject *self, PyObject *args)
> return NULL;
> }
>
> - if (is_zero (buf->data + offset, size))
> + if (!buf->initialized || is_zero (buf->data + offset, size))
> Py_RETURN_TRUE;
> else
> Py_RETURN_FALSE;
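Review bot: The `!buf->initialized` test added to the `if` carries no comment saying why a buffer that was never written is reported as all zeroes. The answer is only sound while every path that exposes the bytes zero-fills first (the commit message names b.to_bytearray() and h.aio_pwrite), so a one-line comment above the condition stating that invariant would help anyone adding a new exporter later. The short-circuit order is right as written: the flag is tested before is_zero() runs, so the indeterminate bytes at buf->data + offset are never read.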
I just noticed this function has an odd order of execution - if size
is 0, it returns true even if offset is out-of-bounds. It would also
be more Pythonic if we changed offset/size to instead be more like
Python range start/stop parameters (particularly since future patches
can then compute memoryview(buffer)[start:end] as the bytes to check
for being zero), but that's an API change. I'll have to think about
that one more...

But that doesn't change the content of this patch.

--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
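
The two points in this message, modelled together as an added example (not libnbd's code and not part of the original mail): an initialized flag that keeps indeterminate heap bytes from being inspected or exported, and a range check that runs before any size == 0 shortcut. All model_* names are hypothetical, and treating offset == len with size 0 as in bounds is an assumption borrowed from Python slicing.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

struct model_buf {      /* hypothetical stand-in for the binding's buffer */
  unsigned char *data;  /* malloc'd: indeterminate until written */
  size_t len;
  bool initialized;     /* true once data holds defined bytes */
};

/* Call before any path that exposes bytes (export, write to server). */
void model_force_init (struct model_buf *b)
{
  if (!b->initialized) {
    memset (b->data, 0, b->len);
    b->initialized = true;
  }
}

/* 1 = all zero, 0 = nonzero byte present, -1 = range out of bounds.
 * The range is validated first, so size == 0 cannot mask a bad offset. */
int model_is_zero (const struct model_buf *b, size_t offset, size_t size)
{
  if (offset > b->len || size > b->len - offset)
    return -1;
  if (!b->initialized)
    return 1;           /* never inspect indeterminate bytes */
  for (size_t i = 0; i < size; i++)
    if (b->data[offset + i] != 0)
      return 0;
  return 1;
}

/* Constructed driver: fill < 0 leaves the buffer untouched, otherwise it
 * simulates a completed read that stored `fill` in every byte. */
int model_check (size_t len, int fill, size_t offset, size_t size)
{
  struct model_buf b = { malloc (len ? len : 1), len, false };
  if (!b.data) return -2;
  if (fill >= 0) { memset (b.data, fill, len); b.initialized = true; }
  int r = model_is_zero (&b, offset, size);
  model_force_init (&b);  /* what an export path would do first */
  if (fill < 0 && len && b.data[len - 1] != 0) r = -3;
  free (b.data);
  return r;
}

int main (void) { return model_check (16, -1, 32, 0) == -1 ? 0 : 1; }
```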