[Qemu-devel] [PULL v2 24/40] qcow2: avoid misaligned 64bit bswap
From: Kevin Wolf
Subject: [Qemu-devel] [PULL v2 24/40] qcow2: avoid misaligned 64bit bswap
Date: Tue, 10 Nov 2015 15:09:24 +0100
From: John Snow <address@hidden>

If we create a buffer directly on the stack by using 12 bytes, there's
no guarantee the 64bit value we want to swap will be aligned, which
could cause errors with undefined behavior.

Spotted with clang -fsanitize=undefined and observed in iotests 15, 26,
44, 115 and 121.

Signed-off-by: John Snow <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
---
block/qcow2-refcount.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index 4b81c8d..6e0e5bd 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -560,13 +560,16 @@ static int alloc_refcount_block(BlockDriverState *bs,
}
/* Hook up the new refcount table in the qcow2 header */
- uint8_t data[12];
- cpu_to_be64w((uint64_t*)data, table_offset);
- cpu_to_be32w((uint32_t*)(data + 8), table_clusters);
+ struct QEMU_PACKED {
+ uint64_t d64;
+ uint32_t d32;
+ } data;
+ cpu_to_be64w(&data.d64, table_offset);
+ cpu_to_be32w(&data.d32, table_clusters);
BLKDBG_EVENT(bs->file, BLKDBG_REFBLOCK_ALLOC_SWITCH_TABLE);
ret = bdrv_pwrite_sync(bs->file->bs,
offsetof(QCowHeader, refcount_table_offset),
- data, sizeof(data));
+ &data, sizeof(data));
if (ret < 0) {
goto fail_table;
}
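Review bot: In the new `struct QEMU_PACKED { ... } data;`, packing lowers the struct's alignment requirement to 1, so `&data.d64` passed to `cpu_to_be64w()` as a `uint64_t *` is still not guaranteed to be 8-byte aligned; the misaligned access goes away only if the compiler happens to place `data` on an aligned stack slot. Assigning by value avoids the pointer altogether, for example `data.d64 = cpu_to_be64(table_offset);` and `data.d32 = cpu_to_be32(table_clusters);`. Separately, `sizeof(data)` is now the write length passed to `bdrv_pwrite_sync()`, and it stays at the previous 12 bytes only because of `QEMU_PACKED` (without it the struct would be padded to 16 and the write would run past the two header fields), so a short comment or a build-time size check next to the struct would document that dependency.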
--
1.8.3.1