This patch adds a check to ensure the read size of
the Vhost-user message header is not smaller than
the expected size.
Fixes: 8f972312b8f4 ("vhost: support vhost-user")
Cc: sta...@dpdk.org
Reported-by: Ilja Van Sprundel <ivansprun...@ioactive.com>
Signed-off-by: Maxime Coquelin <maxime.coque...@redhat.com>
---
lib/librte_vhost/vhost_user.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
index 69b84a8820..0b7d1e288e 100644
--- a/lib/librte_vhost/vhost_user.c
+++ b/lib/librte_vhost/vhost_user.c
@@ -2440,8 +2440,12 @@ read_vhost_message(int sockfd, struct VhostUserMsg *msg)
ret = read_fd_message(sockfd, (char *)msg, VHOST_USER_HDR_SIZE,
msg->fds, VHOST_MEMORY_MAX_NREGIONS, &msg->fd_num);
- if (ret <= 0)
+ if (ret <= 0) {
return ret;
+ } else if (ret != VHOST_USER_HDR_SIZE) {
+ VHOST_LOG_CONFIG(ERR, "Unexpected header size read\n");
+ return -1;
+ }
if (msg->size) {
if (msg->size > sizeof(msg->payload)) {
--
2.21.0
