[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] qemu-nbd: Ignore SIGPIPE
From: |
P J P |
Subject: |
Re: [Qemu-devel] [PATCH] qemu-nbd: Ignore SIGPIPE |
Date: |
Wed, 28 Jun 2017 23:31:01 +0530 (IST) |
+-- On Tue, 27 Jun 2017, Eric Blake wrote --+
| > $ qemu-nbd -x foo -f raw -t null-co:// &
| > [1] 12726
| > $ qemu-io -c quit nbd://localhost/bar
| > can't open device nbd://localhost/bar: No export with name 'bar' available
| > [1] + 12726 broken pipe qemu-nbd -x foo -f raw -t null-co://
| >
| > In this case, the client sends an NBD_OPT_ABORT and closes the
| > connection (because it is not required to wait for a reply), but the
| > server replies with an NBD_REP_ACK (because it is required to reply).
| >
| > Signed-off-by: Max Reitz <address@hidden>
| > ---
|
| As mentioned in another thread, I'm trying to figure out if this patch
| belongs as a third patch to fix CVE-2017-9524, or whether we want to
| open a second CVE by considering this a slightly different
| denial-of-service attack than what my patches fixed.
Yes, this would be a separate issue, as it breaks 'qemu-nbd' server
irrespective of whether 'CVE-2017-9524' fix is applied or not.
I'll get a CVE assigned and process it further.
Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F