From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50763) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XFoAX-0005XM-HU for qemu-devel@nongnu.org; Fri, 08 Aug 2014 13:41:40 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XFoAR-0007DW-8F for qemu-devel@nongnu.org; Fri, 08 Aug 2014 13:41:33 -0400 Received: from mx1.redhat.com ([209.132.183.28]:51367) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XFoAR-0007DN-09 for qemu-devel@nongnu.org; Fri, 08 Aug 2014 13:41:27 -0400 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id s78HfQab017417 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Fri, 8 Aug 2014 13:41:26 -0400 From: Kevin Wolf Date: Fri, 8 Aug 2014 19:40:01 +0200 Message-Id: <1407519603-6635-61-git-send-email-kwolf@redhat.com> In-Reply-To: <1407519603-6635-1-git-send-email-kwolf@redhat.com> References: <1407519603-6635-1-git-send-email-kwolf@redhat.com> Subject: [Qemu-devel] [PULL 60/62] qcow2: Catch !*host_offset for data allocation List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Cc: kwolf@redhat.com From: Max Reitz qcow2_alloc_cluster_offset() uses host_offset == 0 as "no preferred offset" for the (data) cluster range to be allocated. However, this offset is actually valid and may be allocated on images with a corrupted refcount table or first refcount block. In this case, the corruption prevention should normally catch that write anyway (because it would overwrite the image header). But since 0 is a special value here, the function assumes that nothing has been allocated at all which it asserts against. Because this condition is not qemu's fault but rather that of a broken image, it shouldn't throw an assertion but rather mark the image corrupt and show an appropriate message, which this patch does by calling the corruption check earlier than it would be called normally (before the assertion). Signed-off-by: Max Reitz Reviewed-by: Eric Blake Signed-off-by: Kevin Wolf --- block/qcow2-cluster.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c index e7c5f48..5b36018 100644 --- a/block/qcow2-cluster.c +++ b/block/qcow2-cluster.c @@ -1119,6 +1119,17 @@ static int handle_alloc(BlockDriverState *bs, uint64_t guest_offset, return 0; } + /* !*host_offset would overwrite the image header and is reserved for "no + * host offset preferred". If 0 was a valid host offset, it'd trigger the + * following overlap check; do that now to avoid having an invalid value in + * *host_offset. */ + if (!alloc_cluster_offset) { + ret = qcow2_pre_write_overlap_check(bs, 0, alloc_cluster_offset, + nb_clusters * s->cluster_size); + assert(ret < 0); + goto fail; + } + /* * Save info needed for meta data update. * -- 1.8.3.1