[Qemu-devel] [PATCH 98/99] qemu-img: avoid overflow of min_sparse parame
From: Michael Roth
Subject: [Qemu-devel] [PATCH 98/99] qemu-img: avoid overflow of min_sparse parameter
Date: Mon, 23 Jul 2018 15:17:47 -0500
From: Peter Lieven <address@hidden>
the min_sparse convert parameter can overflow (e.g. -S 1024G)
in the conversion from int64_t to int resulting in a negative
min_sparse parameter. Avoid this by limiting the valid parameters
to sane values. In fact anything exceeding the convert buffer size
is also pointless. While at it also forbid values that are non
multiple of 512 to avoid undesired behaviour. For instance, values
between 1 and 511 were legal, but resulted in full allocation.
Cc: address@hidden
Signed-off-by: Peter Lieven <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
(cherry picked from commit 6360ab278cc1ac3e1235e0755e4cba1f918e6f3c)
Signed-off-by: Michael Roth <address@hidden>
---
qemu-img.c | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/qemu-img.c b/qemu-img.c
index a8e2b53dc6..1a055b4424 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -1912,6 +1912,8 @@ static int convert_do_copy(ImgConvertState *s)
return s->ret;
}
+#define MAX_BUF_SECTORS 32768
+
static int img_convert(int argc, char **argv)
{
int c, bs_i, flags, src_flags = 0;
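Review bot: the new MAX_BUF_SECTORS define has no comment stating its unit or what it bounds. It is counted in sectors, and the later hunks use it both as the upper limit for -S and as the cap for s.buf_sectors, so a one-line comment at the define (sectors, 32768 = 16MB) would document that in one place and let the comment in the last hunk drop its "currently 32768 (16MB)", which goes stale as soon as the value changes.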
@@ -2008,8 +2010,12 @@ static int img_convert(int argc, char **argv)
int64_t sval;
sval = cvtnum(optarg);
- if (sval < 0) {
- error_report("Invalid minimum zero buffer size for sparse
output specified");
+ if (sval < 0 || sval & (BDRV_SECTOR_SIZE - 1) ||
+ sval / BDRV_SECTOR_SIZE > MAX_BUF_SECTORS) {
+ error_report("Invalid buffer size for sparse output specified.
"
+ "Valid sizes are multiples of %llu up to %llu. Select "
+ "0 to disable sparse detection (fully allocates output).",
+ BDRV_SECTOR_SIZE, MAX_BUF_SECTORS * BDRV_SECTOR_SIZE);
goto fail_getopt;
}
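Review bot: the two %llu conversions in the new error_report() call are only correct if BDRV_SECTOR_SIZE and MAX_BUF_SECTORS * BDRV_SECTOR_SIZE both have type unsigned long long, and nothing in this hunk guarantees that. MAX_BUF_SECTORS is a plain int literal, so the type of the product comes entirely from BDRV_SECTOR_SIZE, and a mismatch between a varargs argument and its conversion specifier is undefined behaviour. An explicit cast on both arguments, or a fixed-width type printed with the matching PRIu64 macro, would make the call independent of how that macro is defined. The range check itself looks right for the stated goal: with sval / BDRV_SECTOR_SIZE limited to MAX_BUF_SECTORS, the accepted value can no longer go negative when narrowed to int.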
@@ -2297,9 +2303,9 @@ static int img_convert(int argc, char **argv)
}
/* increase bufsectors from the default 4096 (2M) if opt_transfer
- * or discard_alignment of the out_bs is greater. Limit to 32768 (16MB)
- * as maximum. */
- s.buf_sectors = MIN(32768,
+ * or discard_alignment of the out_bs is greater. Limit to
+ * MAX_BUF_SECTORS as maximum which is currently 32768 (16MB). */
+ s.buf_sectors = MIN(MAX_BUF_SECTORS,
MAX(s.buf_sectors,
MAX(out_bs->bl.opt_transfer >> BDRV_SECTOR_BITS,
out_bs->bl.pdiscard_alignment >>
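Review bot: the limit applied to -S in the option parser and the buffer size computed here can disagree. The parser accepts anything up to MAX_BUF_SECTORS, but per this comment s.buf_sectors starts at 4096 (2M) and only grows toward MAX_BUF_SECTORS when opt_transfer or pdiscard_alignment of out_bs is larger. A min_sparse between 2M and 16M therefore passes validation while still exceeding the buffer actually used, which is the case the commit message calls pointless. It is worth confirming how the convert loop behaves for such a value, and either taking min_sparse into account in this MAX() expression or stating in the comment that the parser check is only an upper bound.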
--
2.17.1