From patchwork Tue Apr 25 19:59:06 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ashijeet Acharya <ashijeetacharya@gmail.com>
X-Patchwork-Id: 9699557
Return-Path: 
 <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	78C6E60245 for <patchwork-qemu-devel@patchwork.kernel.org>;
	Tue, 25 Apr 2017 20:02:56 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 66BBA28676
	for <patchwork-qemu-devel@patchwork.kernel.org>;
	Tue, 25 Apr 2017 20:02:56 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 59BEB28681; Tue, 25 Apr 2017 20:02:56 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,
	DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED, FREEMAIL_FROM, RCVD_IN_DNSWL_HI,
	T_DKIM_INVALID autolearn=ham version=3.3.1
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 035FA28676
	for <patchwork-qemu-devel@patchwork.kernel.org>;
	Tue, 25 Apr 2017 20:02:56 +0000 (UTC)
Received: from localhost ([::1]:51191 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from
	<qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>)
	id 1d36fl-0000To-RY for patchwork-qemu-devel@patchwork.kernel.org;
	Tue, 25 Apr 2017 16:02:53 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:52555)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ashijeetacharya@gmail.com>) id 1d36c7-0006v6-Dh
	for qemu-devel@nongnu.org; Tue, 25 Apr 2017 15:59:08 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ashijeetacharya@gmail.com>) id 1d36c6-0003yH-Kv
	for qemu-devel@nongnu.org; Tue, 25 Apr 2017 15:59:07 -0400
Received: from mail-pg0-x243.google.com ([2607:f8b0:400e:c05::243]:36790)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <ashijeetacharya@gmail.com>)
	id 1d36c6-0003xr-FS; Tue, 25 Apr 2017 15:59:06 -0400
Received: by mail-pg0-x243.google.com with SMTP id v1so6107190pgv.3;
	Tue, 25 Apr 2017 12:59:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=0dwAeaTrL8M+Wcw/JFOoAfyC6juX1ymrfEPG4bVor1w=;
	b=MElVVsw/YuMiBIgtQBPpuxvke25JqjD5xbcnyam2EY66DuYctazcpTdoOFXAGR0e0z
	2MdWLJcehRFrahkZkEBCn/BVQMZUbnIMutzW6xLj1OTj+1KYTuZdvjwWq7k721PmwEdA
	OJVEm89C5me2bvjSKsLwLB6I9J4VvFvTC4a4eDea/U5Wg+Z9/1yzIKH8X7SWsY95G1ok
	8WvzsJPX0Nyjjdggy7jCRYe7PqhPMlp3iGUxzMcKwceebynBC+vukjyKHBHdjVB8zEqv
	IINXdfhyetAaQoRrJA00nPQpmqR7Fmn2cGrT4bwVoPQWdKvTmIvL8MgYtWKo7k7lJwdJ
	Ablw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=0dwAeaTrL8M+Wcw/JFOoAfyC6juX1ymrfEPG4bVor1w=;
	b=B59nybYRZ8cA0UK/OxAmdLNrhmxb0rFfGEdA7rbpyrNj7A0oNHujQulS0XBtm0uixw
	Kmey9p4d7cXZFtuIv0tvAv02k258rR/7xRA8ZRNPtzs47v4HSaq6msb+ShJnwoEAqW/F
	A70hRV5SwC7oXl69Skj22IrAKXqW9kY+mqrJnZeDGW1C4mULqXBS4bZrCXh76N4jdOVt
	SSyHgPAENDaEi6Vcd1wUt99dUHfJU9SPtIuN6y0rsCTt8FTChR2tDcDMJOjUF9w+wvhk
	jchKYMkclrL86D/S5voWs0ktp7zIF97Zi+x9tD9aBZ1LGULUQnPxj8gNZSc8vPiV5hpf
	euHw==
X-Gm-Message-State: AN3rC/7tleBkjA/aA8BaOUn+pS9nS649k6oW95n56D6UrQhwLfhnfl70
	RuiE1rrKBVKNFw==
X-Received: by 10.98.32.211 with SMTP id m80mr29724729pfj.153.1493150345538;
	Tue, 25 Apr 2017 12:59:05 -0700 (PDT)
Received: from linux.local ([157.51.23.94]) by smtp.gmail.com with ESMTPSA id
	y187sm37931530pfy.67.2017.04.25.12.59.00
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Tue, 25 Apr 2017 12:59:04 -0700 (PDT)
From: Ashijeet Acharya <ashijeetacharya@gmail.com>
To: stefanha@gmail.com
Date: Wed, 26 Apr 2017 01:29:06 +0530
Message-Id: <1493150351-28918-4-git-send-email-ashijeetacharya@gmail.com>
X-Mailer: git-send-email 2.6.2
In-Reply-To: <1493150351-28918-1-git-send-email-ashijeetacharya@gmail.com>
References: <1493150351-28918-1-git-send-email-ashijeetacharya@gmail.com>
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2607:f8b0:400e:c05::243
Subject: [Qemu-devel] [PATCH v1 3/8] dmg: Limit the output buffer size to a
	max of 2MB
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: kwolf@redhat.com, famz@redhat.com, qemu-block@nongnu.org,
	qemu-devel@nongnu.org, mreitz@redhat.com, peter@lekensteyn.nl,
	Ashijeet Acharya <ashijeetacharya@gmail.com>, jsnow@redhat.com
Errors-To: 
 qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>
X-Virus-Scanned: ClamAV using ClamSMTP

The size of the output buffer is limited to a maximum of 2MB so that
QEMU doesn't end up allocating huge amounts of memory while
decompressing compressed input streams.

2MB is an appropriate size because "qemu-img convert" has the same I/O
buffer size and the most important use case for DMG files is to be
compatible with qemu-img convert.

Signed-off-by: Ashijeet Acharya <ashijeetacharya@gmail.com>
---
 block/dmg.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/block/dmg.c b/block/dmg.c
index c6fe8b0..7ae30e3 100644
--- a/block/dmg.c
+++ b/block/dmg.c
@@ -37,8 +37,8 @@ enum {
     /* Limit chunk sizes to prevent unreasonable amounts of memory being used
      * or truncating when converting to 32-bit types
      */
-    DMG_LENGTHS_MAX = 64 * 1024 * 1024, /* 64 MB */
-    DMG_SECTORCOUNTS_MAX = DMG_LENGTHS_MAX / 512,
+    DMG_MAX_OUTPUT = 2 * 1024 * 1024, /* 2 MB */
+    DMG_SECTOR_MAX = DMG_MAX_OUTPUT / 512,
 };
 
 static int dmg_probe(const uint8_t *buf, int buf_size, const char *filename)
@@ -260,10 +260,10 @@ static int dmg_read_mish_block(BDRVDMGState *s, DmgHeaderState *ds,
 
         /* all-zeroes sector (type 2) does not need to be "uncompressed" and can
          * therefore be unbounded. */
-        if (s->types[i] != 2 && s->sectorcounts[i] > DMG_SECTORCOUNTS_MAX) {
+        if (s->types[i] != 2 && s->sectorcounts[i] > DMG_SECTOR_MAX) {
             error_report("sector count %" PRIu64 " for chunk %" PRIu32
                          " is larger than max (%u)",
-                         s->sectorcounts[i], i, DMG_SECTORCOUNTS_MAX);
+                         s->sectorcounts[i], i, DMG_SECTOR_MAX);
             ret = -EINVAL;
             goto fail;
         }
@@ -275,10 +275,10 @@ static int dmg_read_mish_block(BDRVDMGState *s, DmgHeaderState *ds,
         /* length in (compressed) data fork */
         s->lengths[i] = buff_read_uint64(buffer, offset + 0x20);
 
-        if (s->lengths[i] > DMG_LENGTHS_MAX) {
+        if (s->lengths[i] > DMG_MAX_OUTPUT) {
             error_report("length %" PRIu64 " for chunk %" PRIu32
                          " is larger than max (%u)",
-                         s->lengths[i], i, DMG_LENGTHS_MAX);
+                         s->lengths[i], i, DMG_MAX_OUTPUT);
             ret = -EINVAL;
             goto fail;
         }