Paolo Bonzini <pbonz...@redhat.com> writes:

> On 26/08/2013 11:06, Nikunj A Dadhania wrote:
>>>> + fprintf(stderr, "vscsi_send_capabilities: size out of bound !\n");
>>>> + goto error_out;
>>>> + }
>>>
>>> I am not 100% familiar with the protocol, could it be that we should
>>> just read sizeof(cap) instead of erroring out or is there no way it
>>> can be correct and have a len too long ?
>>
>> If the length is incorrect, can we trust whether cap is correct or is of
>> the type we are expecting?
>
> We shouldn't care, it'd be a guest bug.
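
Review bot: the fprintf in the quoted hunk prints a fixed "size out of bound" string with no arguments, so the log shows neither the length the guest supplied nor the limit it was checked against; printing both would make a misbehaving guest diagnosable from stderr. The same branch takes goto error_out for every oversized length, which the replies in this thread question, so if the hard failure stays it needs a comment saying why an oversized request can never be valid. The condition guarding this branch is not visible in the quoted lines.
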

Then we can do a warning on the size and set only the parts supported. This is a kind of capability negotiation, where the guest says "I can support the following vscsi capabilities", and the hypervisor, if it has implemented them, should return an affirmative for the capabilities supported. If not, tell the guest that the hypervisor cannot support them.

> If the guest is asking for say 1024 bytes, we do not have to fill all of
> them. It is in principle possible that a subsequent revision of vscsi
> will make the struct larger; perhaps a bit in the first part of the
> struct will tell the guest if the second part has been filled.
>
> Unless the spec explicitly says the opposite, I would just zero the bytes
> between sizeof(cap) and len.

Makes sense. I will change the patch accordingly.

Regards
Nikunj
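
The handling agreed on in this thread (read at most sizeof(cap), confirm only the supported capabilities, zero the bytes between sizeof(cap) and len), sketched as an added example that is not code from the patch or from QEMU. `struct caps`, `HOST_FLAGS` and `negotiate_caps` are hypothetical names, the layout is not the real vscsi one, and the guest-supplied length is assumed to be already bounded by the transport.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical capabilities block; NOT the real vscsi layout. */
struct caps {
    uint32_t flags;     /* features the guest asks for */
    char     name[12];
};

#define HOST_FLAGS 0x5u /* constructed: host implements bits 0 and 2 */

/*
 * guest_buf stands in for guest memory; guest_len is the length the guest
 * put in its request (assumed already bounded by the transport).
 * Returns -1 if too short to negotiate, 1 if oversized (caller may warn),
 * 0 otherwise.
 */
int negotiate_caps(uint8_t *guest_buf, size_t guest_len)
{
    struct caps cap;
    size_t n = guest_len < sizeof(cap) ? guest_len : sizeof(cap);

    if (guest_len < sizeof(cap.flags)) {
        return -1;                      /* cannot even hold the flags word */
    }
    memset(&cap, 0, sizeof(cap));
    memcpy(&cap, guest_buf, n);         /* never read past the host struct */
    cap.flags &= HOST_FLAGS;            /* confirm only what is implemented */
    memcpy(guest_buf, &cap, n);         /* reply with the supported subset */
    if (guest_len > sizeof(cap)) {
        /* Tail a newer guest may know about: report it as "not filled". */
        memset(guest_buf + sizeof(cap), 0, guest_len - sizeof(cap));
        return 1;
    }
    return 0;
}

int main(void)
{
    uint8_t buf[32];                    /* constructed oversized request */
    uint32_t flags = 0xFu;

    memset(buf, 0xAA, sizeof(buf));
    memcpy(buf, &flags, sizeof(flags));
    printf("rc=%d tail=%u\n", negotiate_caps(buf, sizeof(buf)), buf[31]);
    return 0;
}
```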