From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:56185)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1VQyLY-0003qH-HG
	for qemu-devel@nongnu.org; Tue, 01 Oct 2013 07:42:40 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1VQyLO-0006VD-EL
	for qemu-devel@nongnu.org; Tue, 01 Oct 2013 07:42:32 -0400
Received: from mail-we0-x231.google.com ([2a00:1450:400c:c03::231]:40698)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1VQyLO-0006UU-7d
	for qemu-devel@nongnu.org; Tue, 01 Oct 2013 07:42:22 -0400
Received: by mail-we0-f177.google.com with SMTP id t60so7008778wes.22
	for <qemu-devel@nongnu.org>; Tue, 01 Oct 2013 04:42:21 -0700 (PDT)
Date: Tue, 1 Oct 2013 13:42:18 +0200
From: Stefan Hajnoczi <stefanha@gmail.com>
Message-ID: <20131001114218.GB6035@stefanha-thinkpad.redhat.com>
References: <cover.1380141614.git.jcody@redhat.com>
	<b8729fff8a974301d14588372934ff53ed3c5f10.1380141614.git.jcody@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <b8729fff8a974301d14588372934ff53ed3c5f10.1380141614.git.jcody@redhat.com>
Subject: Re: [Qemu-devel] [PATCH v6 09/20] block: vhdx - add region overlap
 detection for image files
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Jeff Cody <jcody@redhat.com>
Cc: kwolf@redhat.com, famz@redhat.com, qemu-devel@nongnu.org, stefanha@redhat.com

On Wed, Sep 25, 2013 at 05:02:54PM -0400, Jeff Cody wrote:
> +/* Check for region overlaps inside the VHDX image */
> +static int vhdx_region_check(BDRVVHDXState *s, uint64_t start, uint64_t length)
> +{
> +    int ret = 0;
> +    uint64_t end;
> +    VHDXRegionEntry *r;
> +
> +    end = start + length;
> +    QLIST_FOREACH(r, &s->regions, entries) {
> +        if ((start >= r->start && start <  r->end) ||
> +            (end   >  r->start && end   <= r->end)) {
> +            ret = -EINVAL;
> +            goto exit;
> +        }
> +    }
> +
> +exit:
> +    return ret;
> +}

This check does not catch a region that spans existing regions:

|----------------| new
     |-----|       existing

This will catch all cases:

QLIST_FOREACH(r, &s->regions, entries) {
    if (!((start >= r->end) || (end <= r->start))) {
        return -EINVAL;
    }
}
return 0;

> @@ -451,6 +499,15 @@ static int vhdx_open_region_tables(BlockDriverState *bs, BDRVVHDXState *s)
>          le32_to_cpus(&rt_entry.length);
>          le32_to_cpus(&rt_entry.data_bits);
>  
> +        /* check for region overlap between these entries, and any
> +         * other memory regions in the file */
> +        ret = vhdx_region_check(s, rt_entry.file_offset, rt_entry.length);
> +        if (ret < 0) {
> +            goto fail;
> +        }
> +
> +        vhdx_region_register(s, rt_entry.file_offset, rt_entry.length);
> +
>          /* see if we recognize the entry */
>          if (guid_eq(rt_entry.guid, bat_guid)) {
>              /* must be unique; if we have already found it this is invalid */
> @@ -481,6 +538,12 @@ static int vhdx_open_region_tables(BlockDriverState *bs, BDRVVHDXState *s)
>              goto fail;
>          }
>      }
> +
> +    if (!bat_rt_found || !metadata_rt_found) {
> +        ret = -EINVAL;
> +        goto fail;
> +    }
> +
>      ret = 0;
>  
>  fail:

Another reason to avoid opening region tables before reading the
journal: we'll add regions twice if the journal had to be flushed.