qemu/include
Eric Blake 93676c88d7 nbd: Don't send oversize strings
Qemu as server currently won't accept export names larger than 256
bytes, nor create dirty bitmap names longer than 1023 bytes, so most
uses of qemu as client or server have no reason to get anywhere near
the NBD spec maximum of a 4k limit per string.

However, we weren't actually enforcing things, ignoring when the
remote side violates the protocol on input, and also having several
code paths where we send oversize strings on output (for example,
qemu-nbd --description could easily send more than 4k).  Tighten
things up as follows:

client:
- Perform bounds check on export name and dirty bitmap request prior
  to handing it to server
- Validate that copied server replies are not too long (ignoring
  NBD_INFO_* replies that are not copied is not too bad)
server:
- Perform bounds check on export name and description prior to
  advertising it to client
- Reject client name or metadata query that is too long
- Adjust things to allow full 4k name limit rather than previous
  256 byte limit

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20191114024635.11363-4-eblake@redhat.com>
Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2019-11-18 16:01:34 -06:00
authz Include generated QAPI headers less 2019-08-16 13:31:51 +02:00
block nbd: Don't send oversize strings 2019-11-18 16:01:34 -06:00
chardev Include qemu/main-loop.h less 2019-08-16 13:31:52 +02:00
crypto crypto: define cleanup functions for use with g_autoptr 2019-08-22 10:47:12 +01:00
disas plugin: add qemu_plugin_insn_disas helper 2019-10-28 15:12:38 +00:00
exec TCG Plugins initial implementation 2019-10-30 14:10:32 +00:00
fpu fpu: make softfloat-macros "self-contained" 2019-08-19 12:07:13 +01:00
hw ppc patch queue 2019-11-15 2019-11-18 11:09:06 +00:00
io socket: Add num connections to qio_net_listener_open_sync() 2019-09-03 23:24:42 +02:00
libdecnumber include: Make headers more self-contained 2019-08-16 13:31:51 +02:00
migration migration: add new migration state wait-unplug 2019-10-29 18:55:26 -04:00
monitor Include hw/qdev-properties.h less 2019-08-16 13:31:53 +02:00
net Include qemu/queue.h slightly less 2019-08-16 13:31:52 +02:00
qapi qapi: Make visit_next_list()'s comment less confusing 2019-09-24 11:03:44 +02:00
qemu tcg plugins: expose an API version concept 2019-11-12 14:32:55 +00:00
qom vl: Split off user_creatable_print_help() 2019-10-14 17:12:48 +02:00
scsi scsi: explicitly list guest-recoverable sense codes 2019-07-15 11:20:42 +02:00
standard-headers linux headers: update against v5.4-rc1 2019-10-15 18:09:02 +01:00
sysemu bootdevice: FW_CFG interface for LCHS values 2019-10-31 11:47:38 -04:00
ui ui/egl: fix framebuffer reads 2019-09-17 13:42:02 +02:00
user *-user: plugin syscalls 2019-10-28 15:12:38 +00:00
elf.h linux-user: elf: ELF_HWCAP for s390x 2019-06-07 14:53:26 +02:00
glib-compat.h glib: bump min required glib library version to 2.48 2019-08-22 10:46:34 +01:00
qemu-common.h exec: Split out variable page size support to exec-vary.c 2019-10-28 10:26:02 +01:00
qemu-io.h Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
trace-tcg.h trace: get rid of generated-events.h/generated-events.c 2016-10-12 09:54:52 +02:00