Patch 1 is a revised version after Maxim's comments - it moves the
length checks earlier into the system (for cleaner error messages
as soon as possible) and adds asserts at the later points that
are now guaranteed by the earlier checks. It also covers more
string handling, both in the client and in the server, by
ensuring that outgoing strings are properly constrained and
incoming strings are checked for validity before blind use.

Patch 2 is a new patch, written to make testing of description
strings in patch 1 easier.

Eric Blake (2):
  nbd: Don't send oversize strings
  nbd: Allow description when creating NBD blockdev

 qapi/block.json            |  8 +++++---
 include/block/nbd.h        |  1 +
 block/nbd.c                |  9 +++++++++
 blockdev-nbd.c             | 14 +++++++++++++-
 monitor/hmp-cmds.c         |  4 ++--
 nbd/client.c               | 16 +++++++++++++---
 nbd/server.c               | 14 ++++++++++++--
 qemu-nbd.c                 |  9 +++++++++
 tests/qemu-iotests/223     |  2 +-
 tests/qemu-iotests/223.out |  1 +
 10 files changed, 66 insertions(+), 12 deletions(-)

-- 
2.21.0