mirror of
https://github.com/qemu/qemu.git
synced 2024-11-24 03:13:44 +08:00
70fa99f445
Our existing use of structured replies either reads into a qiov capped at 32M (NBD_CMD_READ) or caps allocation to 1000 bytes (see NBD_MAX_MALLOC_PAYLOAD in block/nbd.c). But the existing length checks are rather late; if we encounter a buggy (or malicious) server that sends a super-large payload length, we should drop the connection right then rather than assuming the layer on top will be careful. This becomes more important when we permit 64-bit lengths which are even more likely to have the potential for attempted denial of service abuse. Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Message-ID: <20230608135653.2918540-8-eblake@redhat.com> |
||
---|---|---|
.. | ||
client-connection.c | ||
client.c | ||
common.c | ||
meson.build | ||
nbd-internal.h | ||
server.c | ||
trace-events | ||
trace.h |