qemu/nbd
Eric Blake f47b6eab83 nbd/client: Use smarter assert
Assigning strlen() to a uint32_t and then asserting that it isn't too
large doesn't catch the case of an input string 4G in length.
Thankfully, the incoming strings can never be that large: if the
export name or query is reflecting a string the client got from the
server, we already guarantee that we dropped the NBD connection if the
server sent more than 32M in a single reply to our NBD_OPT_* request;
if the export name is coming from qemu, nbd_receive_negotiate()
asserted that strlen(info->name) <= NBD_MAX_STRING_SIZE; and
similarly, a query string via x->dirty_bitmap coming from the user was
bounds-checked in either qemu-nbd or by the limitations of QMP.
Still, it doesn't hurt to be more explicit in how we write our
assertions to not have to analyze whether inadvertent wraparound is
possible.

Fixes: 93676c88 ("nbd: Don't send oversize strings", v4.2.0)
Reported-by: Dr. David Alan Gilbert <dave@treblig.org>
Signed-off-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Message-ID: <20230608135653.2918540-2-eblake@redhat.com>
2023-07-19 15:25:27 -05:00
..
client-connection.c bulk: Remove pointless QOM casts 2023-06-05 20:48:34 +02:00
client.c nbd/client: Use smarter assert 2023-07-19 15:25:27 -05:00
common.c nbd: Prepare for NBD_CMD_FLAG_FAST_ZERO 2019-09-05 16:03:13 -05:00
meson.build nbd: move connection code from block/nbd to nbd/client-connection 2021-06-18 10:59:53 -05:00
nbd-internal.h coroutine: Clean up superfluous inclusion of qemu/coroutine.h 2023-01-19 10:18:28 +01:00
server.c bulk: Remove pointless QOM casts 2023-06-05 20:48:34 +02:00
trace-events nbd: trace long NBD operations 2022-06-29 10:57:02 +03:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00