[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v2 04/16] qcow2: Keep unknown extra snapshot dat
From: |
Max Reitz |
Subject: |
Re: [Qemu-devel] [PATCH v2 04/16] qcow2: Keep unknown extra snapshot data |
Date: |
Tue, 20 Aug 2019 13:43:14 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 |
On 19.08.19 21:34, Eric Blake wrote:
> On 8/19/19 1:55 PM, Max Reitz wrote:
>> The qcow2 specification says to ignore unknown extra data fields in
>> snapshot table entries. Currently, we discard it whenever we update the
>> image, which is a bit different from "ignore".
>>
>> This patch makes the qcow2 driver keep all unknown extra data fields
>> when updating an image's snapshot table.
>>
>
>> @@ -80,31 +80,53 @@ int qcow2_read_snapshots(BlockDriverState *bs, Error
>> **errp)
>> sn->date_sec = be32_to_cpu(h.date_sec);
>> sn->date_nsec = be32_to_cpu(h.date_nsec);
>> sn->vm_clock_nsec = be64_to_cpu(h.vm_clock_nsec);
>> - extra_data_size = be32_to_cpu(h.extra_data_size);
>> + sn->extra_data_size = be32_to_cpu(h.extra_data_size);
>>
>> id_str_size = be16_to_cpu(h.id_str_size);
>> name_size = be16_to_cpu(h.name_size);
>>
>> - /* Read extra data */
>> + if (sn->extra_data_size > QCOW_MAX_SNAPSHOT_EXTRA_DATA) {
>> + ret = -EFBIG;
>> + error_setg(errp, "Too much extra metadata in snapshot table "
>> + "entry %i", i);
>> + goto fail;
>
> We fail if extra_data_size is > 1024...
>
>
>> + if (sn->extra_data_size > sizeof(extra)) {
>> + /* Store unknown extra data */
>> + size_t unknown_extra_data_size =
>> + sn->extra_data_size - sizeof(extra);
>> +
>
> But read at most 1008 bytes into sn->unknown_extra_data.
>
>> @@ -234,6 +257,22 @@ static int qcow2_write_snapshots(BlockDriverState *bs)
>> }
>> offset += sizeof(extra);
>>
>> + if (sn->extra_data_size > sizeof(extra)) {
>> + size_t unknown_extra_data_size =
>> + sn->extra_data_size - sizeof(extra);
>> +
>> + /* qcow2_read_snapshots() ensures no unbounded allocation */
>> + assert(unknown_extra_data_size <= BDRV_REQUEST_MAX_BYTES);
>
> So this assertion is quite loose in what it permits; tighter would be
>
> assert(unknown_extra_data_size <= QCOW_MAX_SNAPSHOT_EXTRA_DATA -
> sizeof(extra))
As I said in the last version, I have this assertion here just because
of the following bdrv_pwrite(); so all we need to assert is that it fits
BDRV_REQUEST_MAX_BYTES (which it clearly does, as you say).
Max
signature.asc
Description: OpenPGP digital signature
- [Qemu-devel] [PATCH v2 00/16] qcow2: Let check -r all repair some snapshot bits, Max Reitz, 2019/08/19
- [Qemu-devel] [PATCH v2 01/16] include: Move endof() up from hw/virtio/virtio.h, Max Reitz, 2019/08/19
- [Qemu-devel] [PATCH v2 02/16] qcow2: Use endof(), Max Reitz, 2019/08/19
- [Qemu-devel] [PATCH v2 03/16] qcow2: Add Error ** to qcow2_read_snapshots(), Max Reitz, 2019/08/19
- [Qemu-devel] [PATCH v2 04/16] qcow2: Keep unknown extra snapshot data, Max Reitz, 2019/08/19
- [Qemu-devel] [PATCH v2 05/16] qcow2: Make qcow2_write_snapshots() public, Max Reitz, 2019/08/19
- [Qemu-devel] [PATCH v2 06/16] qcow2: Put qcow2_upgrade() into its own function, Max Reitz, 2019/08/19
- [Qemu-devel] [PATCH v2 07/16] qcow2: Write v3-compliant snapshot list on upgrade, Max Reitz, 2019/08/19
- [Qemu-devel] [PATCH v2 08/16] qcow2: Separate qcow2_check_read_snapshot_table(), Max Reitz, 2019/08/19
- [Qemu-devel] [PATCH v2 09/16] qcow2: Add qcow2_check_fix_snapshot_table(), Max Reitz, 2019/08/19
- [Qemu-devel] [PATCH v2 11/16] qcow2: Keep track of the snapshot table length, Max Reitz, 2019/08/19
- [Qemu-devel] [PATCH v2 10/16] qcow2: Fix broken snapshot table entries, Max Reitz, 2019/08/19