[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-block] [PATCH 1/7] qcow2: Generalize validate_table_offset() i
|
From: |
Eric Blake |
|
Subject: |
Re: [Qemu-block] [PATCH 1/7] qcow2: Generalize validate_table_offset() into qcow2_validate_table() |
|
Date: |
Thu, 1 Mar 2018 13:21:08 -0600 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 |
On 03/01/2018 10:27 AM, Alberto Garcia wrote:
This function checks that the offset and size of a table are valid.
While the offset checks are fine, the size check is too generic, since
it only verifies that the total size in bytes fits in a 64-bit
integer. In practice all tables used in qcow2 have much smaller size
limits, so the size needs to be checked again for each table using its
actual limit.
This patch generalizes this function by allowing the caller to specify
the maximum size for that table. In addition to that it allows passing
an Error variable.
The function is also renamed and made public since we're going to use
it in other parts of the code.
Signed-off-by: Alberto Garcia <address@hidden>
---
+int qcow2_validate_table(BlockDriverState *bs, uint64_t offset,
+ uint64_t entries, size_t entry_len,
+ int64_t max_size_bytes, const char *table_name,
+ Error **errp)
{
BDRVQcow2State *s = bs->opaque;
- uint64_t size;
+
+ if (entries > max_size_bytes / entry_len) {
+ error_setg(errp, "%s too large", table_name);
+ return -EFBIG;
+ }
EFBIG "File too large". Would EOVERFLOW "Value too large for defined
data type" make any more sense? But that's bikeshedding; I'm okay with
your choice.
/* read the level 1 table */
- if (header.l1_size > QCOW_MAX_L1_SIZE / sizeof(uint64_t)) {
- error_setg(errp, "Active L1 table too large");
- ret = -EFBIG;
+ ret = qcow2_validate_table(bs, header.l1_table_offset,
+ header.l1_size, sizeof(uint64_t),
+ QCOW_MAX_L1_SIZE, "Active L1 table", errp);
+ if (ret < 0) {
At any rate, it looks like we were already using EFBIG.
I also like that you consolidated more checking into the common function.
Reviewed-by: Eric Blake <address@hidden>
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
- Re: [Qemu-block] [PATCH 7/7] qcow2: Make qemu-img check detect corrupted L1 tables in snapshots, (continued)
- [Qemu-block] [PATCH 6/7] qcow2: Check snapshot L1 table in qcow2_snapshot_delete(), Alberto Garcia, 2018/03/01
- [Qemu-block] [PATCH 4/7] qcow2: Check snapshot L1 tables in qcow2_check_metadata_overlap(), Alberto Garcia, 2018/03/01
- [Qemu-block] [PATCH 2/7] qcow2: Check L1 table offset in qcow2_snapshot_load_tmp(), Alberto Garcia, 2018/03/01
- [Qemu-block] [PATCH 5/7] qcow2: Check snapshot L1 table in qcow2_snapshot_goto(), Alberto Garcia, 2018/03/01
- [Qemu-block] [PATCH 1/7] qcow2: Generalize validate_table_offset() into qcow2_validate_table(), Alberto Garcia, 2018/03/01
- Re: [Qemu-block] [PATCH 1/7] qcow2: Generalize validate_table_offset() into qcow2_validate_table(),
Eric Blake <=
- [Qemu-block] [PATCH 3/7] qcow2: Check L1 table parameters in qcow2_expand_zero_clusters(), Alberto Garcia, 2018/03/01
Re: [Qemu-block] [PATCH 0/7] Add checks for corruption in the snapshot table, Kevin Wolf, 2018/03/06