A server that sticks a super-long UTF-8 string in an error reply could cause problems for clients. Should we have an upper bound on the length permissible in NBD_REP_ERR_*, such as 4096, and permit clients to disconnect if the server sends a length larger than that, so that clients can usefully read the error message into a stack-local buffer rather than having to heap-allocate and worry about a rogue server sending a message as large as 2^32 bytes?
-- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ Nbd-general mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nbd-general
