On Fri, Jul 24, 2020 at 1:10 PM Stephen Hemminger <stephen@xxxxxxxxxxxxxxxxxx> wrote:
> What is the rationale for this change? It may break other code.
>
> A common API model in the Windows world, where this originated,
> is to have a call where the caller first
> makes a request and then, if the requested buffer is not big enough, the
> caller looks at the actual length and allocates a bigger buffer.
>
> Did you audit all the users of this API to make sure they aren't doing that?
>

The rationale for the change was to solve instances like the one @Haiyang Zhang pointed out, especially in hv_utils, which needs additional hardening.

Unfortunately, there is an instance in hv_pci_onchannelcallback() that does what you just described. Thus, the fix will have to be made to all the callers of vmbus_recvpacket() and vmbus_recvpacket_raw() to make sure they check the return value, which most callers are not doing now.

Thanks for pointing out this behavior. I was not aware that the length can be checked by callers to allocate a bigger buffer.
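The two-pass receive pattern discussed above (request, get told the real length, retry with a bigger buffer) and the risk of callers ignoring the return value can be shown with a small user-space model. The code below is an added example written for this page; it is not the Linux hv driver code and does not use the real vmbus_recvpacket() signature. `recv_packet`, `struct channel`, `consume_unchecked`, `consume_checked` and the sample packet are all constructed for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a channel with one pending packet. */
struct channel {
    const uint8_t *data;
    uint32_t len;
};

/* Hypothetical receive call modelled on the pattern from the thread:
 * if the packet fits, copy it and return 0; otherwise leave buf untouched,
 * report the needed size in *actual_len and return -ENOBUFS.
 * (Illustration only; not the kernel's vmbus_recvpacket().) */
static int recv_packet(const struct channel *ch, void *buf, uint32_t buflen,
                       uint32_t *actual_len)
{
    if (actual_len)
        *actual_len = ch->len;
    if (ch->len > buflen)
        return -ENOBUFS;
    memcpy(buf, ch->data, ch->len);
    return 0;
}

/* The unsafe shape: the return value is dropped and actual_len is trusted
 * as "bytes now in buf", even though buf is a fixed 16-byte array.
 * Returns -1 when a consumer of buf[0..got) would have over-read. */
static int consume_unchecked(const struct channel *ch, uint32_t *bytes_trusted)
{
    uint8_t buf[16];
    uint32_t got = 0;

    recv_packet(ch, buf, sizeof(buf), &got);   /* return value ignored */
    *bytes_trusted = got;
    return got > sizeof(buf) ? -1 : 0;
}

/* The hardened shape: check the return value, grow once using the reported
 * length, and cap that length so an untrusted peer cannot force a huge
 * allocation. On success *out is malloc'd and must be freed by the caller. */
static int consume_checked(const struct channel *ch, uint32_t max_len,
                           uint8_t **out, uint32_t *out_len)
{
    uint32_t cap = 16, got = 0;
    uint8_t *buf = malloc(cap);
    int ret;

    if (!buf)
        return -ENOMEM;
    ret = recv_packet(ch, buf, cap, &got);
    if (ret == -ENOBUFS) {
        uint8_t *bigger;
        if (got > max_len) {        /* reported length is untrusted input */
            free(buf);
            return -EMSGSIZE;
        }
        bigger = realloc(buf, got);
        if (!bigger) {
            free(buf);
            return -ENOMEM;
        }
        buf = bigger;
        cap = got;
        ret = recv_packet(ch, buf, cap, &got);
    }
    if (ret < 0) {
        free(buf);
        return ret;
    }
    *out = buf;
    *out_len = got;
    return 0;
}

/* Constructed 40-byte sample packet, larger than the 16-byte first pass. */
static uint8_t sample_packet[40];

static struct channel sample_channel(void)
{
    struct channel ch;
    for (size_t i = 0; i < sizeof(sample_packet); i++)
        sample_packet[i] = (uint8_t)('a' + i % 26);
    ch.data = sample_packet;
    ch.len = sizeof(sample_packet);
    return ch;
}

/* 1 if the unchecked caller was left believing 40 bytes landed in 16. */
int demo_unchecked(void)
{
    struct channel ch = sample_channel();
    uint32_t n = 0;
    return consume_unchecked(&ch, &n) == -1 && n == 40;
}

/* Bytes received by the checked caller (40), or -1 on any failure. */
int demo_checked(void)
{
    struct channel ch = sample_channel();
    uint8_t *p = NULL;
    uint32_t n = 0;
    int ok;

    if (consume_checked(&ch, 4096, &p, &n) != 0)
        return -1;
    ok = (n == 40 && memcmp(p, sample_packet, 40) == 0);
    free(p);
    return ok ? (int)n : -1;
}

/* 1 if an oversized reported length is refused rather than allocated. */
int demo_checked_too_big(void)
{
    struct channel ch = sample_channel();
    uint8_t *p = NULL;
    uint32_t n = 0;
    return consume_checked(&ch, 32, &p, &n) == -EMSGSIZE && p == NULL;
}
```

The point of `consume_checked` is the two things the thread asks callers to do: act on the error return instead of trusting `actual_len` blindly, and treat the reported length as peer-controlled data that needs an upper bound before it drives an allocation.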