On Fri, Aug 04, 2023 at 11:49:18AM +0100, Richard W.M. Jones wrote:
> On Wed, Aug 02, 2023 at 08:50:21PM -0500, Eric Blake wrote:
> > Previously, we had not been doing any validation of server extent
> > responses, which means a client query at an offset near the end of the
> > export can result in a buggy server sending a response longer than the
> > export length and potentially confusing the client.  The NBD spec also
> > says that an extent length should be non-zero so that a successful
> > block status call makes progress.  It is easy enough to track that the
> > server has not overflowed the export size, and that we ensure an error
> > on no progress even when the buggy server claims success.  Since the
> > spec says a client should be prepared for a block status result to be
> > truncated, the client should not care whether the truncation happened
> > at the server or at libnbd after validating the server's response.
> > 
> > In the process, this patch reorganizes some of the code so that early
> > exits are obvious, leading to less indentation in the success path.
> > 
> > Adding this sanity checking now makes it easier for future patches to
> > do orthogonal support for a server's 32- or 64-bit reply, vs. a
> > client's 32- or 64-bit API call.  Once 64-bit replies are in play, we
> > will additionally have to worry about a 64-bit reply that overflows a
> > 32-bit API callback without exceeding the exportsize.  Similarly,
> > since nbd_get_size() already caps export size at 63 bits (based on
> > off_t limitations), we have guaranteed that a 64-bit API callback will
> > never see an extent length that could appear negative in a 64-bit
> > signed type (at least OCaml benefits from that guarantee, since its
> > only native 64-bit integer type is signed).
> > 
> > Signed-off-by: Eric Blake <ebl...@redhat.com>
> > ---
> 
> Acked-by: Richard W.M. Jones <rjo...@redhat.com>

This one is now in (e8d837d3), then I'm trying to get CI to a good
shape on Rust before proceeding with the rest of my patches (so I can
feel more confident I'm not causing Rust regressions).

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.
Virtualization:  qemu.org | libguestfs.org
_______________________________________________
Libguestfs mailing list
Libguestfs@redhat.com
https://listman.redhat.com/mailman/listinfo/libguestfs
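
The check described in the commit message above, as an added sketch that is not libnbd's code and not part of this thread: clamp a block status reply to the export size and report an error when it makes no progress. The names `struct extent` and `validate_extents` are hypothetical, and dropping a zero-length extent together with everything after it is an assumption of this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical type for this illustration; not libnbd's. */
struct extent { uint64_t length; uint32_t flags; };

/* Validate extents returned for a block status query starting at
 * `offset` on an export of `export_size` bytes.  Returns how many
 * entries of `ext` the caller may trust (the last one possibly
 * shortened in place), or -1 if the reply makes no progress. */
int validate_extents(struct extent *ext, size_t count,
                     uint64_t offset, uint64_t export_size)
{
    uint64_t remaining;
    size_t i;

    if (offset >= export_size)
        return -1;                      /* query itself is out of range */
    remaining = export_size - offset;   /* cannot underflow after the check */

    for (i = 0; i < count; i++) {
        if (ext[i].length == 0)
            break;                      /* spec violation: stop trusting here */
        /* Compare against what is left rather than computing
         * offset + length, which a hostile length could wrap. */
        if (ext[i].length >= remaining) {
            ext[i].length = remaining;  /* truncate at the end of the export */
            i++;
            break;                      /* later entries lie past the end */
        }
        remaining -= ext[i].length;
    }
    /* A "successful" reply with no usable extent is still an error. */
    return i == 0 ? -1 : (int)i;
}

int main(void)
{
    /* Constructed reply: query at offset 900 of a 1000-byte export. */
    struct extent reply[] = { {50, 0}, {200, 1}, {10, 0} };
    int n = validate_extents(reply, 3, 900, 1000);

    printf("usable=%d last_len=%llu\n", n,
           (unsigned long long)reply[n > 0 ? n - 1 : 0].length);
    return 0;
}
```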
