| Message ID | 20200813134722.802180-1-ckuehl@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [v3] block: Raise an error when backing file parameter is an empty string | expand |
On 8/13/20 8:47 AM, Connor Kuehl wrote: > Providing an empty string for the backing file parameter like so: > > qemu-img create -f qcow2 -b '' /tmp/foo > > allows the flow of control to reach and subsequently fail an assert > statement because passing an empty string to > > bdrv_get_full_backing_filename_from_filename() > > simply results in NULL being returned without an error being raised. > > To fix this, let's check for an empty string when getting the value from > the opts list. > > Reported-by: Attila Fazekas <afazekas@redhat.com> > Fixes: https://bugzilla.redhat.com/1809553 > Signed-off-by: Connor Kuehl <ckuehl@redhat.com> > --- > v3: > - Moved test case into 049 instead of taking up > 298. > > v2: > - Removed 4 spaces to resolve pylint warning > - Updated format to be 'iotests.imgfmt' instead > of hardcoding 'qcow2' > - Use temporary file instead of '/tmp/foo' > - Give a size parameter to qemu-img > - Run test for qcow2, qcow, qed and *not* raw Ping
Am 13.08.2020 um 15:47 hat Connor Kuehl geschrieben: > Providing an empty string for the backing file parameter like so: > > qemu-img create -f qcow2 -b '' /tmp/foo > > allows the flow of control to reach and subsequently fail an assert > statement because passing an empty string to > > bdrv_get_full_backing_filename_from_filename() > > simply results in NULL being returned without an error being raised. > > To fix this, let's check for an empty string when getting the value from > the opts list. > > Reported-by: Attila Fazekas <afazekas@redhat.com> > Fixes: https://bugzilla.redhat.com/1809553 > Signed-off-by: Connor Kuehl <ckuehl@redhat.com> Thanks, applied to the block branch. Kevin
diff --git a/block.c b/block.c index d9ac0e07eb..1f72275b87 100644 --- a/block.c +++ b/block.c @@ -6117,6 +6117,10 @@ void bdrv_img_create(const char *filename, const char *fmt, "same filename as the backing file"); goto out; } + if (backing_file[0] == '\0') { + error_setg(errp, "Expected backing file name, got empty string"); + goto out; + } } backing_fmt = qemu_opt_get(opts, BLOCK_OPT_BACKING_FMT); diff --git a/tests/qemu-iotests/049 b/tests/qemu-iotests/049 index 051a1c79e0..82b1e6c202 100755 --- a/tests/qemu-iotests/049 +++ b/tests/qemu-iotests/049 @@ -119,6 +119,10 @@ test_qemu_img create -f $IMGFMT -o compat=1.1,lazy_refcounts=on "$TEST_IMG" 64M test_qemu_img create -f $IMGFMT -o compat=0.10,lazy_refcounts=off "$TEST_IMG" 64M test_qemu_img create -f $IMGFMT -o compat=0.10,lazy_refcounts=on "$TEST_IMG" 64M +echo "== Expect error when backing file name is empty string ==" +echo +test_qemu_img create -f $IMGFMT -b '' $TEST_IMG 1M + # success, all done echo "*** done" rm -f $seq.full diff --git a/tests/qemu-iotests/049.out b/tests/qemu-iotests/049.out index 4c21dc70a5..61ee90b10e 100644 --- a/tests/qemu-iotests/049.out +++ b/tests/qemu-iotests/049.out @@ -209,4 +209,9 @@ qemu-img create -f qcow2 -o compat=0.10,lazy_refcounts=on TEST_DIR/t.qcow2 64M Formatting 'TEST_DIR/t.qcow2', fmt=qcow2 cluster_size=65536 compression_type=zlib size=67108864 compat=0.10 lazy_refcounts=on refcount_bits=16 qemu-img: TEST_DIR/t.qcow2: Lazy refcounts only supported with compatibility level 1.1 and above (use version=v3 or greater) +== Expect error when backing file name is empty string == + +qemu-img create -f qcow2 -b TEST_DIR/t.qcow2 1M +qemu-img: TEST_DIR/t.qcow2: Expected backing file name, got empty string + *** done
Providing an empty string for the backing file parameter like so: qemu-img create -f qcow2 -b '' /tmp/foo allows the flow of control to reach and subsequently fail an assert statement because passing an empty string to bdrv_get_full_backing_filename_from_filename() simply results in NULL being returned without an error being raised. To fix this, let's check for an empty string when getting the value from the opts list. Reported-by: Attila Fazekas <afazekas@redhat.com> Fixes: https://bugzilla.redhat.com/1809553 Signed-off-by: Connor Kuehl <ckuehl@redhat.com> --- v3: - Moved test case into 049 instead of taking up 298. v2: - Removed 4 spaces to resolve pylint warning - Updated format to be 'iotests.imgfmt' instead of hardcoding 'qcow2' - Use temporary file instead of '/tmp/foo' - Give a size parameter to qemu-img - Run test for qcow2, qcow, qed and *not* raw block.c | 4 ++++ tests/qemu-iotests/049 | 4 ++++ tests/qemu-iotests/049.out | 5 +++++ 3 files changed, 13 insertions(+)