remote: handle partial data transmission

A new bug was introduced as a part of use-after-free fix below:

    commit 411cbe7199ce533ae5fa78f5558dddca6f88ef1a
    Author: Oleg Vasilev <oleg.vasilev@virtuozzo.com>
    Date:   Tue Jul 4 13:10:22 2023 +0600

        remote: fix stream use-after-free

When the message was processed partially, it is actually supposed to
stay in the queue to be processed again. In such case, reinsert it back.

Signed-off-by: Oleg Vasilev <oleg.vasilev@virtuozzo.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>

diff --git a/src/remote/remote_daemon_stream.c b/src/remote/remote_daemon_stream.c
index 345c40b48cb2982d9d2aa9b30b22b7dffc5d6ce9..f52af790c113cf4f357d5272703686dbee0cdbd5 100644 (file)
--- a/src/remote/remote_daemon_stream.c
+++ b/src/remote/remote_daemon_stream.c
@@ -775,8 +775,12 @@ daemonStreamHandleWrite(virNetServerClient *client,
             ret = -1;
         }
 
-        if (ret > 0)
-            break;  /* still processing data from msg */
+        if (ret > 0) {
+            /* still processing data from msg, put it back into queue */
+            msg->next = stream->rx;
+            stream->rx = msg;
+            break;
+        }
 
         if (ret < 0) {
             virNetMessageFree(msg);