Re: [Libguestfs] [PATCH libnbd 2/2] examples: copy-libev.c: Fix error handling
On Thu, Jan 27, 2022 at 01:49:31AM +0200, Nir Soffer wrote:
This example failed to check the *error parameter to the completion
and
extent callbacks.
- If the source NBD server failed a read, we wrote stale data from the
request buffer to the destination image, corrupting the
image.
- If the destination NBD server failed a write or zero command, we
ignored the error, leaving previous content on the destination image,
corrupting the image.
- Error in the extents callbacks were ignored. I'm not sure if this was
a real problem, but it is a very bad example.
In all cases, the copy would end with zero exit code creating a
corrupted image.
Oh well. This silent data corruption affects more than copy-libev.c;
I'm in process of getting a CVE assigned for the same bug in nbdcopy.
(I had been hoping to keep it under embargo if needed, but the cat's
out of the bag now, so watch for similar patches to other affected
clients.)
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org