On 1/17/20 8:54 AM, Tiwei Bie wrote:
> On Thu, Jan 16, 2020 at 11:44:44AM +0100, Maxime Coquelin wrote:
>> This patch adds a check to ensure the read size of
>> the Vhost-user message header is not smaller than
>> the expected size.
>>
>> Fixes: 8f972312b8f4 ("vhost: support vhost-user")
>> Cc: sta...@dpdk.org
>>
>> Reported-by: Ilja Van Sprundel <ivansprun...@ioactive.com>
>> Signed-off-by: Maxime Coquelin <maxime.coque...@redhat.com>
>> ---
>> lib/librte_vhost/vhost_user.c | 6 +++++-
>> 1 file changed, 5 insertions(+), 1 deletion(-)
>>
>> diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
>> index 69b84a8820..0b7d1e288e 100644
>> --- a/lib/librte_vhost/vhost_user.c
>> +++ b/lib/librte_vhost/vhost_user.c
>> @@ -2440,8 +2440,12 @@ read_vhost_message(int sockfd, struct VhostUserMsg
>> *msg)
>>
>> ret = read_fd_message(sockfd, (char *)msg, VHOST_USER_HDR_SIZE,
>> msg->fds, VHOST_MEMORY_MAX_NREGIONS, &msg->fd_num);
>> - if (ret <= 0)
>> + if (ret <= 0) {
>> return ret;
>> + } else if (ret != VHOST_USER_HDR_SIZE) {
>> + VHOST_LOG_CONFIG(ERR, "Unexpected header size read\n");
>> + return -1;
>
> It's better to close the potential fds in msg->fds[]
> e.g. by calling close_msg_fds(msg).
Correct, adding it in v2.
Thanks,
Maxime
> Regards,
> Tiwei
>
>> + }
>>
>> if (msg->size) {
>> if (msg->size > sizeof(msg->payload)) {
>> --
>> 2.21.0
>>
>
