-
While debugging some experimental nbdkit code that was triggering an assertion failure in nbdkit, I noticed a secondary failure of nbdsh also dying from an assertion: libnbd: debug: nbdsh: nbd_opt_go: transition: NEWSTYLE.OPT_GO.SEND -> DEAD libnbd: debug: nbdsh: nbd_opt_go: option queued, ignoring state machine failure nbdsh: opt.c:86: nbd_unlocked_opt_go: Assertion `nbd_internal_is_state_negotiating (get_next_state (h))' failed. Although my trigger was from non-production nbdkit code, libnbd should never die from an assertion failure merely because a server disappeared at the wrong moment during an incomplete reply to NBD_OPT_GO or NBD_OPT_INFO. If this is assigned a CVE, a followup patch will add mention of it in docs/libnbd-security.pod. Fixes: bbf1c513 (api: Give aio_opt_go a completion callback) (cherry picked from commit fb4440de)
2216190e