qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH V2] block/vhdx: add check for truncated image fi

From: Peter Lieven
Subject: Re: [Qemu-devel] [PATCH V2] block/vhdx: add check for truncated image files
Date: Tue, 3 Sep 2019 11:09:59 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 
Am 02.09.19 um 17:24 schrieb Peter Lieven:

qemu is currently not able to detect truncated vhdx image files.
Add a basic check if all allocated blocks are reachable at open and
report all errors during bdrv_co_check.

Signed-off-by: Peter Lieven <address@hidden>
---
V2: - add error reporting [Kevin]
     - use bdrv_getlength instead of bdrv_get_allocated_file_size [Kevin]
     - factor out BAT entry check and add error reporting for region
       overlaps
     - already check on vhdx_open

  block/vhdx.c | 85 +++++++++++++++++++++++++++++++++++++++++-----------
  1 file changed, 68 insertions(+), 17 deletions(-)

diff --git a/block/vhdx.c b/block/vhdx.c
index 6a09d0a55c..6afba5e8c2 100644
--- a/block/vhdx.c
+++ b/block/vhdx.c
@@ -24,6 +24,7 @@
  #include "qemu/option.h"
  #include "qemu/crc32c.h"
  #include "qemu/bswap.h"
+#include "qemu/error-report.h"
  #include "vhdx.h"
  #include "migration/blocker.h"
  #include "qemu/uuid.h"
@@ -235,6 +236,9 @@ static int vhdx_region_check(BDRVVHDXState *s, uint64_t 
start, uint64_t length)
      end = start + length;
      QLIST_FOREACH(r, &s->regions, entries) {
          if (!((start >= r->end) || (end <= r->start))) {
+            error_report("VHDX region %" PRIu64 "-%" PRIu64 " overlaps with "
+                         "region %" PRIu64 "-%." PRIu64, start, end, r->start,
+                         r->end);
              ret = -EINVAL;
              goto exit;
          }
@@ -877,6 +881,60 @@ static void vhdx_calc_bat_entries(BDRVVHDXState *s)
} +static int vhdx_check_bat_entries(BlockDriverState *bs, int *errcnt) 
+{
+    BDRVVHDXState *s = bs->opaque;
+    int64_t image_file_size = bdrv_getlength(bs->file->bs);
+    uint64_t payblocks = s->chunk_ratio;
+    int i, ret = 0;
+
+    for (i = 0; i < s->bat_entries; i++) {
+        if ((s->bat[i] & VHDX_BAT_STATE_BIT_MASK) ==
+            PAYLOAD_BLOCK_FULLY_PRESENT) {
+            /*
+             * Check if fully allocated BAT entries do not reside after
+             * end of the image file.
+             */
+            if ((s->bat[i] & VHDX_BAT_FILE_OFF_MASK) + s->block_size >
+                image_file_size) {
+                error_report("VHDX BAT entry %d offset points after end of "
+                             "file. Image has probably been truncated.", i);
+                ret = -EINVAL;
+                if (!errcnt) {
+                    break;
+                }
+                (*errcnt)++;
+            }
+
+            /*
+             * verify populated BAT field file offsets against
+             * region table and log entries
+             */
+            if (payblocks--) {
+                /* payload bat entries */
+                int ret2;
+                ret2 = vhdx_region_check(s, s->bat[i] & VHDX_BAT_FILE_OFF_MASK,
+                                         s->block_size);
+                if (ret2 < 0) {
+                    ret = -EINVAL;
+                    if (errcnt) {
+                        break;
+                    }



This should be if (!errcnt) ...


I will respin, but wait for feedback regarding the remainder of the patch.


Peter
reply via email to
[Prev in Thread] Current Thread [Next in Thread]