From: Kevin Wolf <kwolf@redhat.com>
To: qemu-block@nongnu.org
Cc: kwolf@redhat.com, qemu-devel@nongnu.org, peter.maydell@linaro.org
Subject: [Qemu-devel] [PULL 3/7] qemu-img: avoid overflow of min_sparse parameter
Date: Mon, 23 Jul 2018 18:45:26 +0200
Message-ID: <20180723164530.26599-4-kwolf@redhat.com>
In-Reply-To: <20180723164530.26599-1-kwolf@redhat.com>

From: Peter Lieven <pl@kamp.de>

The min_sparse convert parameter can overflow (e.g. -S 1024G)
in the conversion from int64_t to int resulting in a negative
min_sparse parameter. Avoid this by limiting the valid parameters
to sane values. In fact anything exceeding the convert buffer size
is also pointless. While at it also forbid values that are not a
multiple of 512 to avoid undesired behaviour. For instance, values
between 1 and 511 were legal, but resulted in full allocation.

Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Lieven <pl@kamp.de>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
 qemu-img.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/qemu-img.c b/qemu-img.c
index 4a7ce43dc9..9b7506b8ae 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -2005,6 +2005,8 @@ static int convert_do_copy(ImgConvertState *s)
     return s->ret;
 }
 
+#define MAX_BUF_SECTORS 32768
+
 static int img_convert(int argc, char **argv)
 {
     int c, bs_i, flags, src_flags = 0;
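
Review bot: MAX_BUF_SECTORS is introduced at the #define just above img_convert() with no comment stating its unit or purpose. The patch uses it for two things, the cap on s.buf_sectors and the upper bound accepted for -S, so a one-line comment at the definition saying it is a count of BDRV_SECTOR_SIZE sectors and that it limits both would make the coupling between the two uses explicit for the next reader.
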
@@ -2100,8 +2102,12 @@ static int img_convert(int argc, char **argv)
             int64_t sval;
 
             sval = cvtnum(optarg);
-            if (sval < 0) {
-                error_report("Invalid minimum zero buffer size for sparse output specified");
+            if (sval < 0 || sval & (BDRV_SECTOR_SIZE - 1) ||
+                sval / BDRV_SECTOR_SIZE > MAX_BUF_SECTORS) {
+                error_report("Invalid buffer size for sparse output specified. "
+                    "Valid sizes are multiples of %llu up to %llu. Select "
+                    "0 to disable sparse detection (fully allocates output).",
+                    BDRV_SECTOR_SIZE, MAX_BUF_SECTORS * BDRV_SECTOR_SIZE);
                 goto fail_getopt;
             }
 
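
Review bot: the two %llu conversions in the new error_report() call are only correct if BDRV_SECTOR_SIZE, and with it MAX_BUF_SECTORS * BDRV_SECTOR_SIZE, has type unsigned long long; nothing visible in this hunk guarantees that, and MAX_BUF_SECTORS itself is a plain int constant. Casting both arguments to unsigned long long would keep the format string correct if either definition changes. The condition "sval < 0 || sval & (BDRV_SECTOR_SIZE - 1) || ..." is right as written because & binds tighter than ||, but parenthesizing the mask test would make that obvious. The diffstat lists only qemu-img.c, so a test that passes an oversized value and a value that is not a multiple of 512 to -S and expects the error would be worth adding alongside.
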
@@ -2385,9 +2391,9 @@ static int img_convert(int argc, char **argv)
     }
 
     /* increase bufsectors from the default 4096 (2M) if opt_transfer
-     * or discard_alignment of the out_bs is greater. Limit to 32768 (16MB)
-     * as maximum. */
-    s.buf_sectors = MIN(32768,
+     * or discard_alignment of the out_bs is greater. Limit to
+     * MAX_BUF_SECTORS as maximum which is currently 32768 (16MB). */
+    s.buf_sectors = MIN(MAX_BUF_SECTORS,
                         MAX(s.buf_sectors,
                             MAX(out_bs->bl.opt_transfer >> BDRV_SECTOR_BITS,
                                 out_bs->bl.pdiscard_alignment >>
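
Review bot: the rewritten comment above s.buf_sectors still spells out "32768 (16MB)" next to MAX_BUF_SECTORS, so the number now lives in two places and the comment goes stale as soon as the macro is changed. Wording it as "Limit to MAX_BUF_SECTORS as maximum" and keeping the numeric value only at the #define avoids that.
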
-- 
2.13.6
