From: Kevin Wolf <kwolf@redhat.com>
To: qemu-devel@nongnu.org
Cc: kwolf@redhat.com
Subject: [Qemu-devel] [PULL 03/12] qcow2: Add two more unalignment checks
Date: Fri, 23 Jan 2015 19:20:09 +0100
Message-ID: <1422037218-31855-4-git-send-email-kwolf@redhat.com>
In-Reply-To: <1422037218-31855-1-git-send-email-kwolf@redhat.com>

From: Max Reitz <mreitz@redhat.com>

This adds checks for unaligned L2 table offsets and unaligned data
cluster offsets (actually the preallocated offsets for zero clusters) to
the zero cluster expansion function.

Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
 block/qcow2-cluster.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index 1fea514..183177d 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -1651,6 +1651,14 @@ static int expand_zero_clusters_in_l1(BlockDriverState *bs, uint64_t *l1_table,
             continue;
         }
 
+        if (offset_into_cluster(s, l2_offset)) {
+            qcow2_signal_corruption(bs, true, -1, -1, "L2 table offset %#"
+                                    PRIx64 " unaligned (L1 index: %#x)",
+                                    l2_offset, i);
+            ret = -EIO;
+            goto fail;
+        }
+
         if (is_active_l1) {
             /* get active L2 tables from cache */
             ret = qcow2_cache_get(bs, s->l2_table_cache, l2_offset,
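Review bot: The new `goto fail` for an unaligned `l2_offset` is taken before `qcow2_cache_get()` has run for this L1 entry, so the `fail` path (not visible in this hunk) has to cope with no L2 table having been obtained in this iteration; it is worth confirming that the cleanup there does not release a table pointer left over from an earlier iteration. A smaller point in the same block: the message prints `i` with `%#x`, which expects an unsigned int, so if `i` is declared as a signed int a cast or a matching declaration would keep the format string exact.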
@@ -1709,6 +1717,19 @@ static int expand_zero_clusters_in_l1(BlockDriverState *bs, uint64_t *l1_table,
                 }
             }
 
+            if (offset_into_cluster(s, offset)) {
+                qcow2_signal_corruption(bs, true, -1, -1, "Data cluster offset "
+                                        "%#" PRIx64 " unaligned (L2 offset: %#"
+                                        PRIx64 ", L2 index: %#x)", offset,
+                                        l2_offset, j);
+                if (!preallocated) {
+                    qcow2_free_clusters(bs, offset, s->cluster_size,
+                                        QCOW2_DISCARD_ALWAYS);
+                }
+                ret = -EIO;
+                goto fail;
+            }
+
             ret = qcow2_pre_write_overlap_check(bs, 0, offset, s->cluster_size);
             if (ret < 0) {
                 if (!preallocated) {
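Review bot: In the unaligned-offset branch, the `!preallocated` case passes the same `offset` that was just reported as unaligned to `qcow2_free_clusters()`, and does so after `qcow2_signal_corruption()` has been called with `true` for the fatal flag. The commit message says the offsets being checked are really the preallocated ones, so this cleanup either never runs or runs on a value already known to be bad; a short comment explaining that it mirrors the error path of `qcow2_pre_write_overlap_check()` below, or dropping it if it is unreachable, would make the intent clear. The return value of the free is also not looked at here, which is fine for an error path but deserves a note if it is deliberate.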
-- 
1.8.3.1
