From: Kevin Wolf <kwolf@redhat.com>
To: Eric Blake <eblake@redhat.com>
Cc: "Kashyap Chamarthy" <kashyap.cv@gmail.com>,
qemu-devel@nongnu.org, "Stefan Hajnoczi" <stefanha@redhat.com>,
"Benoît Canet" <benoit@irqsave.net>
Subject: Re: [Qemu-devel] [PATCH] qemu-img: Add --backing-chain option to info command
Date: Fri, 12 Oct 2012 16:27:35 +0200 [thread overview]
Message-ID: <507828D7.3080306@redhat.com> (raw)
In-Reply-To: <5078281B.3090702@redhat.com>
Am 12.10.2012 16:24, schrieb Eric Blake:
> On 10/12/2012 08:09 AM, Stefan Hajnoczi wrote:
>> The qemu-img info --backing-chain option enumerates the backing file
>> chain. For example, for base.qcow2 <- snap1.qcow2 <- snap2.qcow2 the
>> output becomes:
>>
>
>> + do {
>> + bs = bdrv_new_open(filename, fmt, BDRV_O_FLAGS | BDRV_O_NO_BACKING,
>> + false);
>> + if (!bs) {
>> + goto err;
>> + }
>
>> + } while (filename);
>
> Eww - infinite loop if presented with malicious data where someone has
> used 'qemu-img rebase -u' to create a cycle. I think you need a
> followup patch that hashes which files have been opened to date, and
> abort the loop once a cycle is detected.
That would already cause problems in bdrv_open(), so I'd consider it a
separate bug. We should fail gracefully when trying to open such an
image. Once it's open, other code can trust that the chain makes sense.
Kevin
next prev parent reply other threads:[~2012-10-12 14:28 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-12 14:09 [Qemu-devel] [PATCH] qemu-img: Add --backing-chain option to info command Stefan Hajnoczi
2012-10-12 14:18 ` Eric Blake
2012-10-12 14:24 ` Eric Blake
2012-10-12 14:27 ` Kevin Wolf [this message]
2012-10-12 14:32 ` Eric Blake
2012-10-12 14:38 ` Kevin Wolf
2012-10-12 14:50 ` Eric Blake
2012-10-12 19:16 ` Kashyap Chamarthy
2012-10-12 20:19 ` Kashyap Chamarthy
2012-10-12 20:31 ` Eric Blake
2012-10-13 15:50 ` Kashyap Chamarthy
2012-10-13 21:36 ` Eric Blake
2012-10-14 6:10 ` Kashyap Chamarthy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=507828D7.3080306@redhat.com \
--to=kwolf@redhat.com \
--cc=benoit@irqsave.net \
--cc=eblake@redhat.com \
--cc=kashyap.cv@gmail.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.