[Libguestfs] [PATCH v3 01/14] nbd/client: Use smarter assert
Vladimir Sementsov-Ogievskiy
vsementsov at yandex-team.ru
Mon May 29 08:20:09 UTC 2023
On 15.05.23 22:53, Eric Blake wrote:
> Assigning strlen() to a uint32_t and then asserting that it isn't too
> large doesn't catch the case of an input string 4G in length.
> Thankfully, the incoming strings can never be that large: if the
> export name or query is reflecting a string the client got from the
> server, we already guarantee that we dropped the NBD connection if the
> server sent more than 32M in a single reply to our NBD_OPT_* request;
> if the export name is coming from qemu, nbd_receive_negotiate()
> asserted that strlen(info->name) <= NBD_MAX_STRING_SIZE; and
> similarly, a query string via x->dirty_bitmap coming from the user was
> bounds-checked in either qemu-nbd or by the limitations of QMP.
> Still, it doesn't hurt to be more explicit in how we write our
> assertions to not have to analyze whether inadvertent wraparound is
> possible.
>
> Fixes: 93676c88 ("nbd: Don't send oversize strings", v4.2.0)
> Reported-by: Dr. David Alan Gilbert<dave at treblig.org>
> Signed-off-by: Eric Blake<eblake at redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov at yandex-team.ru>
--
Best regards,
Vladimir
More information about the Libguestfs
mailing list