From 80cfe4a43fab48f22b3a348cbd39e3447271775b Mon Sep 17 00:00:00 2001 From: Hani Benhabiles Date: Sun, 18 May 2014 11:50:05 +0100 Subject: nbd: Don't validate from and len in NBD_CMD_DISC. These values aren't used in this case. Currently, the from field in the request sent by the nbd kernel module leading to a false error message when ending the connection with the client. $ qemu-nbd some.img -v // After nbd-client -d /dev/nbd0 nbd.c:nbd_trip():L1031: From: 18446744073709551104, Len: 0, Size: 20971520, Offset: 0 nbd.c:nbd_trip():L1032: requested operation past EOF--bad client? nbd.c:nbd_receive_request():L638: read failed Signed-off-by: Hani Benhabiles Cc: qemu-stable@nongnu.org Signed-off-by: Paolo Bonzini (cherry picked from commit 8c5d1abbb79193dca8e4823ef53d8d1e650362ae) Signed-off-by: Michael Roth --- nbd.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/nbd.c b/nbd.c index e5084b6e7c..e335d3ace9 100644 --- a/nbd.c +++ b/nbd.c @@ -1001,6 +1001,7 @@ static void nbd_trip(void *opaque) struct nbd_request request; struct nbd_reply reply; ssize_t ret; + uint32_t command; TRACE("Reading request."); if (client->closing) { @@ -1023,8 +1024,8 @@ static void nbd_trip(void *opaque) reply.error = -ret; goto error_reply; } - - if ((request.from + request.len) > exp->size) { + command = request.type & NBD_CMD_MASK_COMMAND; + if (command != NBD_CMD_DISC && (request.from + request.len) > exp->size) { LOG("From: %" PRIu64 ", Len: %u, Size: %" PRIu64 ", Offset: %" PRIu64 "\n", request.from, request.len, @@ -1033,7 +1034,7 @@ static void nbd_trip(void *opaque) goto invalid_request; } - switch (request.type & NBD_CMD_MASK_COMMAND) { + switch (command) { case NBD_CMD_READ: TRACE("Request type is READ"); -- cgit v1.2.1