Re: [Qemu-devel] [PATCH 05/18] nbd: Reject unknown request flags

[Alex Bligh]

On 8 Apr 2016, at 23:05, Eric Blake <address@hidden> wrote:

> The NBD protocol says that clients should not send a command flag
> that has not been negotiated (whether by the client requesting an
> option during a handshake, or because we advertise support for the
> flag in response to NBD_OPT_EXPORT_NAME), and that servers should
> reject invalid flags with EINVAL.  We were silently ignoring the
> flags instead.  The client can't rely on our behavior, since it is
> their fault for passing the bad flag in the first place, but it's
> better to be robust up front than to possibly behave differently
> than the client was expecting with the attempted flag.
> 
> Signed-off-by: Eric Blake <address@hidden>

Reviewed-by: Alex Bligh <address@hidden>

> ---
> nbd/server.c | 5 +++++
> 1 file changed, 5 insertions(+)
> 
> diff --git a/nbd/server.c b/nbd/server.c
> index 81afae2..a10294e 100644
> --- a/nbd/server.c
> +++ b/nbd/server.c
> @@ -984,6 +984,11 @@ static ssize_t nbd_co_receive_request(NBDRequest *req, 
> struct nbd_request *reque
>         goto out;
>     }
> 
> +    if (request->type & ~NBD_CMD_MASK_COMMAND & ~NBD_CMD_FLAG_FUA) {
> +        LOG("unsupported flags (got 0x%x)",
> +            request->type & ~NBD_CMD_MASK_COMMAND);
> +        return -EINVAL;
> +    }
>     if ((request->from + request->len) < request->from) {
>         LOG("integer overflow detected! "
>             "you're probably being attacked");
> -- 
> 2.5.5
> 
> 

-- 
Alex Bligh