From: Kevin Wolf <kwolf@redhat.com>
To: Alberto Garcia <berto@igalia.com>
Cc: qemu-devel@nongnu.org, qemu-block@nongnu.org,
Max Reitz <mreitz@redhat.com>
Subject: Re: [PATCH v3] qcow2: Avoid integer wraparound in qcow2_co_truncate()
Date: Tue, 5 May 2020 11:19:32 +0200 [thread overview]
Message-ID: <20200505091927.GF5759@linux.fritz.box> (raw)
In-Reply-To: <w514ksuvj0n.fsf@maestria.local.igalia.com>
Am 05.05.2020 um 11:16 hat Alberto Garcia geschrieben:
> On Tue 05 May 2020 10:54:12 AM CEST, Kevin Wolf wrote:
> > But I think there is a more important problem with the test: It seems
> > to pass even with old binaries that don't have the fix. Is this only
> > on my system or do you get the same?
>
> With old binaries when qcow2_cluster_zeroize() is called it receives
> bytes = (UINT64_MAX - 9216), however that number is then used to
> calculate the number of affected clusters, so it's rounded up, wraps
> around again and back to zero. There's no visible sign of the error, it
> just happens to work fine.
>
> If there was a raw data file then we would try to write UINT64_MAX-9216
> bytes to it, but in this case there's no backing file allowed and
> therefore the image is not zeroed, so qcow2_cluster_zeroize() never
> happens.
>
> Why the test case then? There was a mistake with my first patch and
> there it crashed (due to an assertion), that's why Eric thought it would
> be a good idea to add a test case anyway, in case we have to change that
> code in the future and we screw up.
Thanks for the explanation, this makes sense. I'll apply the patch now.
Kevin
next prev parent reply other threads:[~2020-05-05 9:20 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-04 15:52 [PATCH v3] qcow2: Avoid integer wraparound in qcow2_co_truncate() Alberto Garcia
2020-05-04 16:01 ` Eric Blake
2020-05-04 17:07 ` Alberto Garcia
2020-05-05 8:54 ` Kevin Wolf
2020-05-05 9:16 ` Kevin Wolf
2020-05-05 9:16 ` Alberto Garcia
2020-05-05 9:19 ` Kevin Wolf [this message]
2020-05-05 8:33 ` no-reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200505091927.GF5759@linux.fritz.box \
--to=kwolf@redhat.com \
--cc=berto@igalia.com \
--cc=mreitz@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.