Re: [Libguestfs] [PATCH nbdkit v2 1/2] ocaml: Change pread method to avoid leaking heap memory.

In the C part of the OCaml plugin we created a ‘bytes’ [byte array] and passed it to the OCaml pread method. The plugin is supposed to overwrite the array with the returned data. However if (eg. because of a bug) the plugin does not fill the array then whatever was in the OCaml or possibly even the C heap before the allocation is returned to the client, possibly resulting in a leak of sensitive data. This changes the signature of the pread function in OCaml plugins. Instead of passing in an uninitialized ‘bytes’ object of the right length, the count is passed explicitly and the pread method should return a string of the correct length. This is both more similar to how other language plugins work, and is safer because all allocation is done on the OCaml side. - pread : 'a -> bytes -> int64 -> flags -> unit + pread : 'a -> int32 -> int64 -> flags -> string

--- plugins/ocaml/ocaml.c | 16 ++++++++++++---- plugins/ocaml/NBDKit.ml | 4 ++-- plugins/ocaml/NBDKit.mli | 2 +- tests/test_ocaml_plugin.ml | 8 +++++--- 4 files changed, 20 insertions(+), 10 deletions(-)