Commit 6c5faac6 authored by Eric Blake

server: reset meta context replies on starttls

Related to CVE-2021-3716, but not as severe.  No compliant client will
send NBD_CMD_BLOCK_STATUS unless it first negotiates
NBD_OPT_SET_META_CONTEXT.  If an attacker injects a premature
SET_META_CONTEXT, either the client will never notice (because it
never uses BLOCK_STATUS), or the client will overwrite the attacker's
attempt with the client's own SET_META_CONTEXT request after
encryption is enabled.  So I don't class this as having the potential
to trigger denial-of-service due to any protocol mismatch between
compliant client and server (I don't care what happens with
non-compliant clients).

Fixes: 26455d45 (server: protocol: Implement Block Status "base:allocation".)
parent ff617f38
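
The reset described in the commit message above, as an added sketch in C that is not nbdkit's own code: `struct conn_state`, `handle_option` and `block_status_allowed` are hypothetical names, and the option and command numbers are those of the NBD protocol specification. It assumes the server only honours NBD_CMD_BLOCK_STATUS when a meta context is recorded for the connection.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Option and command numbers from the NBD protocol specification. */
#define NBD_OPT_STARTTLS          5
#define NBD_OPT_SET_META_CONTEXT 10
#define NBD_CMD_BLOCK_STATUS      7

/* Hypothetical per-connection handshake state (not nbdkit's struct). */
struct conn_state {
  bool tls_active;        /* true once STARTTLS has been processed */
  bool meta_context_set;  /* a meta context has been negotiated */
  char meta_context[64];  /* name of the negotiated context */
};

/* Process one handshake option.  'arg' is the requested context name
 * for SET_META_CONTEXT and is ignored for STARTTLS. */
void
handle_option (struct conn_state *c, uint32_t opt, const char *arg)
{
  switch (opt) {
  case NBD_OPT_SET_META_CONTEXT:
    c->meta_context_set = true;
    snprintf (c->meta_context, sizeof c->meta_context, "%s", arg);
    break;
  case NBD_OPT_STARTTLS:
    /* Anything negotiated in plaintext may not have come from the
     * real client, so discard it before continuing over TLS. */
    c->meta_context_set = false;
    memset (c->meta_context, 0, sizeof c->meta_context);
    c->tls_active = true;
    break;
  }
}

/* Assumption of this sketch: BLOCK_STATUS is honoured only when a
 * meta context is recorded in the current handshake state. */
bool
block_status_allowed (const struct conn_state *c, uint16_t cmd)
{
  return cmd == NBD_CMD_BLOCK_STATUS && c->meta_context_set;
}
```
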