From: Kevin Wolf
Subject: [Qemu-devel] [PULL 15/61] qcow2: Assert against snapshot name/ID overflow
Date: Fri, 11 Oct 2013 17:05:05 +0200

From: Max Reitz <address@hidden>

qcow2_write_snapshots relies on the length of every snapshot ID and name
fitting into an unsigned 16 bit integer. This is currently ensured by
QEMU through generally only allowing 128 byte IDs and 256 byte names.
However, if this should change in the future, the length written to the
image file should not be silently truncated (though the name itself
would be written completely).

Since this is currently not an issue but might require attention due to
internal QEMU changes in the future, an assert ensuring sanity is enough
for now.

Signed-off-by: Max Reitz <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
---
block/qcow2-snapshot.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/block/qcow2-snapshot.c b/block/qcow2-snapshot.c
index f6f3e64..812dab2 100644
--- a/block/qcow2-snapshot.c
+++ b/block/qcow2-snapshot.c
@@ -221,6 +221,7 @@ static int qcow2_write_snapshots(BlockDriverState *bs)
id_str_size = strlen(sn->id_str);
name_size = strlen(sn->name);
+ assert(id_str_size <= UINT16_MAX && name_size <= UINT16_MAX);
h.id_str_size = cpu_to_be16(id_str_size);
h.name_size = cpu_to_be16(name_size);
offset = align_offset(offset, 8);
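
Review bot: the assert on id_str_size and name_size aborts the whole process when the bound is violated, although qcow2_write_snapshots returns int and could report the failure to its caller instead; consider returning a negative errno before the cpu_to_be16() conversions so an oversized ID or name fails the snapshot write rather than terminating QEMU. If the assert stays, splitting it into one assert per field makes the failing condition identifiable from the abort message, and a short comment stating that the on-disk length fields are 16 bits wide would document why the bound exists.
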
--
1.8.1.4
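
The failure mode the commit message describes (a length field truncated to 16 bits while the full string is still written) can be reproduced in isolation. The following is an added example, not code from the patch or from QEMU; the record layout and the function names write_unchecked, write_checked and stray_after_write are hypothetical and much simpler than the real qcow2 snapshot header.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical simplified record: 2-byte big-endian length, then the bytes.
 * This is NOT the real qcow2 snapshot header layout. */

/* Unchecked writer: the length field is truncated to 16 bits, but all
 * len bytes of the string are still written after it. */
static size_t write_unchecked(uint8_t *out, const char *s, size_t len)
{
    uint16_t field = (uint16_t)len;          /* silent truncation */
    out[0] = (uint8_t)(field >> 8);
    out[1] = (uint8_t)(field & 0xff);
    memcpy(out + 2, s, len);
    return 2 + len;
}

/* Checked writer: refuses lengths the 16-bit field cannot represent. */
static int write_checked(uint8_t *out, const char *s, size_t len)
{
    return len > UINT16_MAX ? -1 : (int)write_unchecked(out, s, len);
}

/* Writes a constructed string of len 'A' bytes, then reads the length
 * field back as a parser would. Returns the number of written bytes the
 * parser leaves unaccounted for (0 = consistent), -1 if the checked
 * writer rejected the length, -2 on allocation failure. */
long long stray_after_write(size_t len, int checked)
{
    char *s = malloc(len + 1);
    uint8_t *buf = malloc(len + 2);
    long long result = -2;
    if (s && buf) {
        memset(s, 'A', len);                 /* constructed sample data */
        long long written = checked ? write_checked(buf, s, len)
                                    : (long long)write_unchecked(buf, s, len);
        result = written < 0 ? -1
               : written - (2 + (((long long)buf[0] << 8) | buf[1]));
    }
    free(s);
    free(buf);
    return result;
}

int main(void)
{
    /* 65541 bytes: the field stores 5, leaving 65536 bytes unaccounted for. */
    return stray_after_write(65541, 0) == 65536 ? 0 : 1;
}
```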