Changeset 26959 in vbox for trunk/src/VBox

Timestamp:

Mar 2, 2010 5:08:52 PM (15 years ago)

Author:

vboxsync

Message:

Storage/iSCSI: fix crash when the iSCSI connection could not be established, and another crash caused by using the wrong buffer length in memcpy.

File:

• trunk/src/VBox/Devices/Storage/ISCSIHDDCore.cpp (modified) (13 diffs)

trunk/src/VBox/Devices/Storage/ISCSIHDDCore.cpp

@@ -330 +330 @@
     /** Size of volume in sectors. */
     uint64_t            cVolume;
-    /** Total volume size in bytes. Easier that multiplying the above values all the time. */
+    /** Total volume size in bytes. Easier than multiplying the above values all the time. */
     uint64_t            cbSize;
 
@@ -882 +882 @@
  *
  * @returns VBox status.
- * @param   pImage  The iSCSI connection state to be used.
+ * @param   pImage      The iSCSI connection state to be used.
  */
 static int iscsiAttach(PISCSIIMAGE pImage)
@@ -939 +939 @@
 restart:
     if (pImage->Socket == NIL_RTSOCKET)
+    {
         rc = iscsiTransportOpen(pImage);
+        if (RT_FAILURE(rc))
+        goto out;
+    }
 
     pImage->state = ISCSISTATE_IN_LOGIN;
@@ -1317 +1321 @@
  *
  * @returns VBox status.
- * @param   pImage  The iSCSI connection state to be used.
+ * @param   pImage      The iSCSI connection state to be used.
  */
 static int iscsiDetach(PISCSIIMAGE pImage)
@@ -1405 +1409 @@
  *
  * @returns VBOX status.
- * @param   pImage  The iSCSI connection state to be used.
- * @param   pRequest        Command descriptor. Contains all information about
- *                          the command, its transfer directions and pointers
- *                          to the buffer(s) used for transferring data and
- *                          status information.
+ * @param   pImage      The iSCSI connection state to be used.
+ * @param   pRequest    Command descriptor. Contains all information about
+ *                      the command, its transfer directions and pointers
+ *                      to the buffer(s) used for transferring data and
+ *                      status information.
  */
 static int iscsiCommand(PISCSIIMAGE pImage, PSCSIREQ pRequest)
@@ -1627 +1631 @@
  *
  * @returns Initiator Task Tag.
- * @param   pImage  The iSCSI connection state to be used.
+ * @param   pImage      The iSCSI connection state to be used.
  */
 static uint32_t iscsiNewITT(PISCSIIMAGE pImage)
@@ -1645 +1649 @@
  *
  * @returns VBOX status
- * @param   pImage  The iSCSI connection state to be used.
- * @param   paReq      Pointer to array of iSCSI request sections.
- * @param   cnReq      Number of valid iSCSI request sections in the array.
+ * @param   pImage      The iSCSI connection state to be used.
+ * @param   paReq       Pointer to array of iSCSI request sections.
+ * @param   cnReq       Number of valid iSCSI request sections in the array.
  */
 static int iscsiSendPDU(PISCSIIMAGE pImage, PISCSIREQ paReq, uint32_t cnReq)
 {
     int rc = VINF_SUCCESS;
-    uint32_t i;
     /** @todo return VERR_VD_ISCSI_INVALID_STATE in the appropriate situations,
      * needs cleaning up of timeout/disconnect handling a bit, as otherwise
@@ -1660 +1663 @@
     Assert(paReq[0].cbSeg >= ISCSI_BHS_SIZE);
 
-    for (i = 0; i < pImage->cISCSIRetries; i++)
+    for (uint32_t i = 0; i < pImage->cISCSIRetries; i++)
     {
         rc = iscsiTransportWrite(pImage, paReq, cnReq);
@@ -1691 +1694 @@
  *
  * @returns VBOX status
- * @param   pImage  The iSCSI connection state to be used.
- * @param   paRes      Pointer to array of iSCSI response sections.
- * @param   cnRes      Number of valid iSCSI response sections in the array.
+ * @param   pImage      The iSCSI connection state to be used.
+ * @param   paRes       Pointer to array of iSCSI response sections.
+ * @param   cnRes       Number of valid iSCSI response sections in the array.
  */
 static int iscsiRecvPDU(PISCSIIMAGE pImage, uint32_t itt, PISCSIRES paRes, uint32_t cnRes)
 {
     int rc = VINF_SUCCESS;
-    uint32_t i;
     ISCSIRES aResBuf;
 
-    for (i = 0; i < pImage->cISCSIRetries; i++)
+    for (uint32_t i = 0; i < pImage->cISCSIRetries; i++)
     {
         aResBuf.pvSeg = pImage->pvRecvPDUBuf;
@@ -1801 +1803 @@
                     if (cbSeg > paRes[j].cbSeg)
                     {
-                        memcpy(paRes[j].pvSeg, pSrc, paRes[i].cbSeg);
+                        memcpy(paRes[j].pvSeg, pSrc, paRes[j].cbSeg);
                         pSrc += paRes[j].cbSeg;
                         cbSeg -= paRes[j].cbSeg;
@@ -1859 +1861 @@
  *
  * @returns VBOX status
- * @param   paRes      Pointer to array of iSCSI response sections.
- * @param   cnRes      Number of valid iSCSI response sections in the array.
+ * @param   paRes       Pointer to array of iSCSI response sections.
+ * @param   cnRes       Number of valid iSCSI response sections in the array.
  */
 static int drvISCSIValidatePDU(PISCSIRES paRes, uint32_t cnRes)
@@ -2016 +2018 @@
  *
  * @returns VBOX status.
- * @param   pbBuf      Buffer containing key=value pairs.
- * @param   cbBuf      Length of buffer with key=value pairs.
- * @param   pszKey     Pointer to key for which to retrieve the value.
- * @param   ppszValue  Pointer to value string pointer.
+ * @param   pbBuf       Buffer containing key=value pairs.
+ * @param   cbBuf       Length of buffer with key=value pairs.
+ * @param   pszKey      Pointer to key for which to retrieve the value.
+ * @param   ppszValue   Pointer to value string pointer.
  */
 static int iscsiTextGetKeyValue(const uint8_t *pbBuf, size_t cbBuf, const char *pcszKey, const char **ppcszValue)
@@ -2148 +2150 @@
  *
  * @returns VBOX status.
- * @param   pImage     Current iSCSI initiator state.
- * @param   pbBuf      Buffer containing key=value pairs.
- * @param   cbBuf      Length of buffer with key=value pairs.
+ * @param   pImage      Current iSCSI initiator state.
+ * @param   pbBuf       Buffer containing key=value pairs.
+ * @param   cbBuf       Length of buffer with key=value pairs.
  */
 static int iscsiUpdateParameters(PISCSIIMAGE pImage, const uint8_t *pbBuf, size_t cbBuf)