[1/1] block/parallels: check new image size

Message ID	1469638872-12064-1-git-send-email-den@openvz.org (mailing list archive)
State	New, archived
Headers	show Return-Path: <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org> From: "Denis V. Lunev" <den@openvz.org> To: qemu-block@nongnu.org, qemu-devel@nongnu.org Date: Wed, 27 Jul 2016 20:01:12 +0300 Message-Id: <1469638872-12064-1-git-send-email-den@openvz.org> Subject: [Qemu-devel] [PATCH 1/1] block/parallels: check new image size Precedence: list Cc: den@openvz.org, Klim Kireev <proffk@virtuozzo.mipt.com>, Stefan Hajnoczi <stefanha@redhat.com>, Klim Kireev <sproff@linux.com> Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>

Message ID

1469638872-12064-1-git-send-email-den@openvz.org (mailing list archive)

State

New, archived

Headers

From: "Denis V. Lunev" <den@openvz.org>
To: qemu-block@nongnu.org, qemu-devel@nongnu.org
Date: Wed, 27 Jul 2016 20:01:12 +0300
Message-Id: <1469638872-12064-1-git-send-email-den@openvz.org>
Subject: [Qemu-devel] [PATCH 1/1] block/parallels: check new image size
Precedence: list
Cc: den@openvz.org, Klim Kireev <proffk@virtuozzo.mipt.com>,
	Stefan Hajnoczi <stefanha@redhat.com>, Klim Kireev <sproff@linux.com>
Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>

Commit Message

Denis V. Lunev July 27, 2016, 5:01 p.m. UTC

From: Klim Kireev <sproff@linux.com>

Before this patch incorrect image could be created via qemu-img
(Example: qemu-img create -f parallels -o size=4096T hack.img),
incorrect images cannot be used due to overflow in main image structure.

This patch add check of size in image creation.

After reading size it compare it with UINT32_MAX * cluster_size.

Signed-off-by: Klim Kireev <proffk@virtuozzo.mipt.com>
Signed-off-by: Denis V. Lunev <den@openvz.org>
CC: Stefan Hajnoczi <stefanha@redhat.com>
---
 block/parallels.c | 5 +++++
 1 file changed, 5 insertions(+)

Comments

Denis V. Lunev July 27, 2016, 5:05 p.m. UTC | #1

On 07/27/2016 07:01 PM, Denis V. Lunev wrote:
> From: Klim Kireev <sproff@linux.com>
>
> Before this patch incorrect image could be created via qemu-img
> (Example: qemu-img create -f parallels -o size=4096T hack.img),
> incorrect images cannot be used due to overflow in main image structure.
>
> This patch add check of size in image creation.
>
> After reading size it compare it with UINT32_MAX * cluster_size.
>
> Signed-off-by: Klim Kireev <proffk@virtuozzo.mipt.com>
> Signed-off-by: Denis V. Lunev <den@openvz.org>
> CC: Stefan Hajnoczi <stefanha@redhat.com>
> ---
>   block/parallels.c | 5 +++++
>   1 file changed, 5 insertions(+)
>
> diff --git a/block/parallels.c b/block/parallels.c
> index 807a801..a0bc95b 100644
> --- a/block/parallels.c
> +++ b/block/parallels.c
> @@ -43,6 +43,7 @@
>   #define HEADER_MAGIC2 "WithouFreSpacExt"
>   #define HEADER_VERSION 2
>   #define HEADER_INUSE_MAGIC  (0x746F6E59)
> +#define MAX_PARALLELS_IMAGE_FACTOR (1ull << 32)
>   
>   #define DEFAULT_CLUSTER_SIZE 1048576        /* 1 MiB */
>   
> @@ -475,6 +476,10 @@ static int parallels_create(const char *filename, QemuOpts *opts, Error **errp)
>                             BDRV_SECTOR_SIZE);
>       cl_size = ROUND_UP(qemu_opt_get_size_del(opts, BLOCK_OPT_CLUSTER_SIZE,
>                             DEFAULT_CLUSTER_SIZE), BDRV_SECTOR_SIZE);
> +    if (total_size >= MAX_PARALLELS_IMAGE_FACTOR * cl_size) {
> +        error_propagate(errp, local_err);
> +        return -E2BIG;
> +    }
>   
>       ret = bdrv_create_file(filename, opts, &local_err);
>       if (ret < 0) {
pls drop this. I have to resubmit it.

diff --git a/block/parallels.c b/block/parallels.c
index 807a801..a0bc95b 100644
--- a/block/parallels.c
+++ b/block/parallels.c
@@ -43,6 +43,7 @@ 
 #define HEADER_MAGIC2 "WithouFreSpacExt"
 #define HEADER_VERSION 2
 #define HEADER_INUSE_MAGIC  (0x746F6E59)
+#define MAX_PARALLELS_IMAGE_FACTOR (1ull << 32)
 
 #define DEFAULT_CLUSTER_SIZE 1048576        /* 1 MiB */
 
@@ -475,6 +476,10 @@  static int parallels_create(const char *filename, QemuOpts *opts, Error **errp)
                           BDRV_SECTOR_SIZE);
     cl_size = ROUND_UP(qemu_opt_get_size_del(opts, BLOCK_OPT_CLUSTER_SIZE,
                           DEFAULT_CLUSTER_SIZE), BDRV_SECTOR_SIZE);
+    if (total_size >= MAX_PARALLELS_IMAGE_FACTOR * cl_size) {
+        error_propagate(errp, local_err);
+        return -E2BIG;
+    }
 
     ret = bdrv_create_file(filename, opts, &local_err);
     if (ret < 0) {

[1/1] block/parallels: check new image size

Commit Message

Comments

Patch