This bug was found by Eric Blake. In the .pread method we allocate a buffer in the server and pass it to the plugin. The plugin is supposed to fill it with data. The buffer was uninitialized so initially contained random heap data, but that's OK provided the plugin fully overwrote it with data. All correctly written plugins ought to do this; however, there is the possibility of an incorrectly written plugin not doing so. In that case heap memory would be leaked to the client.
The fix for this is to zero the buffer before passing it to the plugin, so even if the plugin doesn't fill it properly no heap memory is leaked. I checked our existing plugins and they are all safe, except for the OCaml plugin. The OCaml plugin had the same kind of mistake and needed a separate fix. Again, correctly written OCaml plugins should be fine, but incorrect ones could leak heap memory. Since nbdkit supports a stable API and ABI, plugins can be distributed outside nbdkit and we have no control over whether those plugins are doing the right thing.
Rich.
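The failure mode and the fix described in the message above, as an added example that is not part of the original post and is not nbdkit's code: a simulated server read path is run against a plugin that under-fills the buffer, with and without zeroing first. The names `pread_fn`, `short_fill_pread`, `full_fill_pread` and `serve_pread` are hypothetical, and the `0xAA` marker is a constructed stand-in for uninitialized heap contents.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REQ_LEN 32
#define STALE   0xAA   /* constructed marker for leftover heap contents */

/* Hypothetical callback type modelled on a .pread method. */
typedef int (*pread_fn)(void *buf, uint32_t count, uint64_t offset);

/* Incorrectly written plugin: has only 8 bytes of data, yet reports
 * success for the full request and leaves the rest of buf untouched. */
static int short_fill_pread(void *buf, uint32_t count, uint64_t offset)
{
    static const char data[] = "DISKDATA";
    (void)offset;
    memcpy(buf, data, count < 8 ? count : 8);
    return 0;
}

/* Correctly written plugin: overwrites every requested byte. */
static int full_fill_pread(void *buf, uint32_t count, uint64_t offset)
{
    (void)offset;
    memset(buf, 'D', count);
    return 0;
}

/* Simulated server read path. Returns how many stale bytes would be
 * sent to the client in the reply, or -1 if the plugin reports failure. */
static int serve_pread(pread_fn plugin, int zero_first)
{
    unsigned char buf[REQ_LEN];
    int i, leaked = 0;
    memset(buf, STALE, sizeof buf);      /* simulate old heap data */
    if (zero_first)
        memset(buf, 0, sizeof buf);      /* the fix: zero before the call */
    if (plugin(buf, REQ_LEN, 0) == -1)
        return -1;
    for (i = 0; i < REQ_LEN; i++)        /* inspect the reply payload */
        leaked += (buf[i] == STALE);
    return leaked;
}

int main(void)
{
    printf("short fill: %d stale without zeroing, %d with; full fill: %d\n",
           serve_pread(short_fill_pread, 0), serve_pread(short_fill_pread, 1),
           serve_pread(full_fill_pread, 0));
    return 0;
}
```

Only the combination of an under-filling plugin and an unzeroed buffer puts stale bytes in the reply, which is why zeroing in the server protects clients even from plugins the server's maintainers cannot audit.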
