On 26/06/2016 00:15, Eric Blake wrote:
>
> +/* Send an error reply.
> + * Return -errno to kill connection, 0 to continue negotiation. */
> +static int GCC_FMT_ATTR(4, 5)
> + nbd_negotiate_send_rep_err(QIOChannel *ioc, uint32_t type,
> + uint32_t opt, const char *fmt, ...)
> +{
> + va_list va;
> + char *msg;
> + int ret;
> + size_t len;
> +
> + va_start(va, fmt);
> + msg = g_strdup_vprintf(fmt, va);
This leaks below.
Paolo
> + va_end(va);
> + len = strlen(msg);
> + assert(len < 4096);
> + TRACE("sending error message \"%s\"", msg);
> + ret = nbd_negotiate_send_rep_len(ioc, type, opt, len);
> + if (ret < 0) {
> + return ret;
> + }
> + if (nbd_negotiate_write(ioc, msg, len) != len) {
> + LOG("write failed (error message)");
> + return -EINVAL;
> + }
> + return 0;
