From: Max Reitz <mreitz@redhat.com>
To: qemu-block@nongnu.org
Cc: Kevin Wolf <kwolf@redhat.com>,
qemu-devel@nongnu.org, Max Reitz <mreitz@redhat.com>
Subject: [PATCH v3 11/16] qcow2: Keep track of the snapshot table length
Date: Fri, 11 Oct 2019 17:28:09 +0200 [thread overview]
Message-ID: <20191011152814.14791-12-mreitz@redhat.com> (raw)
In-Reply-To: <20191011152814.14791-1-mreitz@redhat.com>
When repairing the snapshot table, we truncate entries that have too
much extra data. This frees up space that we do not have to count
towards the snapshot table size.
Signed-off-by: Max Reitz <mreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
---
block/qcow2-snapshot.c | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/block/qcow2-snapshot.c b/block/qcow2-snapshot.c
index 53dc1635ec..582eb3386a 100644
--- a/block/qcow2-snapshot.c
+++ b/block/qcow2-snapshot.c
@@ -68,6 +68,7 @@ static int qcow2_do_read_snapshots(BlockDriverState *bs, bool repair,
QCowSnapshot *sn;
int i, id_str_size, name_size;
int64_t offset;
+ uint64_t table_length = 0;
int ret;
if (!s->nb_snapshots) {
@@ -82,6 +83,8 @@ static int qcow2_do_read_snapshots(BlockDriverState *bs, bool repair,
for(i = 0; i < s->nb_snapshots; i++) {
bool truncate_unknown_extra_data = false;
+ table_length = ROUND_UP(table_length, 8);
+
/* Read statically sized part of the snapshot header */
offset = ROUND_UP(offset, 8);
ret = bdrv_pread(bs->file, offset, &h, sizeof(h));
@@ -184,7 +187,16 @@ static int qcow2_do_read_snapshots(BlockDriverState *bs, bool repair,
offset += name_size;
sn->name[name_size] = '\0';
- if (offset - s->snapshots_offset > QCOW_MAX_SNAPSHOTS_SIZE) {
+ /* Note that the extra data may have been truncated */
+ table_length += sizeof(h) + sn->extra_data_size + id_str_size +
+ name_size;
+ if (!repair) {
+ assert(table_length == offset - s->snapshots_offset);
+ }
+
+ if (table_length > QCOW_MAX_SNAPSHOTS_SIZE ||
+ offset - s->snapshots_offset > INT_MAX)
+ {
ret = -EFBIG;
error_setg(errp, "Snapshot table is too big");
goto fail;
--
2.21.0
next prev parent reply other threads:[~2019-10-11 15:40 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-11 15:27 [PATCH v3 00/16] qcow2: Let check -r all repair some snapshot bits Max Reitz
2019-10-11 15:27 ` [PATCH v3 01/16] include: Move endof() up from hw/virtio/virtio.h Max Reitz
2019-10-11 15:28 ` [PATCH v3 02/16] qcow2: Use endof() Max Reitz
2019-10-11 15:28 ` [PATCH v3 03/16] qcow2: Add Error ** to qcow2_read_snapshots() Max Reitz
2019-10-11 15:28 ` [PATCH v3 04/16] qcow2: Keep unknown extra snapshot data Max Reitz
2019-10-11 16:20 ` Eric Blake
2019-10-14 8:46 ` Max Reitz
2019-10-11 15:28 ` [PATCH v3 05/16] qcow2: Make qcow2_write_snapshots() public Max Reitz
2019-10-11 15:28 ` [PATCH v3 06/16] qcow2: Put qcow2_upgrade() into its own function Max Reitz
2019-10-11 15:28 ` [PATCH v3 07/16] qcow2: Write v3-compliant snapshot list on upgrade Max Reitz
2019-10-11 16:23 ` Eric Blake
2019-10-14 8:45 ` Max Reitz
2019-10-14 13:53 ` Eric Blake
2019-10-14 14:09 ` Max Reitz
2019-10-11 15:28 ` [PATCH v3 08/16] qcow2: Separate qcow2_check_read_snapshot_table() Max Reitz
2019-10-11 15:28 ` [PATCH v3 09/16] qcow2: Add qcow2_check_fix_snapshot_table() Max Reitz
2019-10-11 15:28 ` [PATCH v3 10/16] qcow2: Fix broken snapshot table entries Max Reitz
2019-10-11 15:28 ` Max Reitz [this message]
2019-10-11 15:28 ` [PATCH v3 12/16] qcow2: Fix overly long snapshot tables Max Reitz
2019-10-11 15:28 ` [PATCH v3 13/16] qcow2: Repair snapshot table with too many entries Max Reitz
2019-10-11 16:31 ` Eric Blake
2019-10-11 15:28 ` [PATCH v3 14/16] qcow2: Fix v3 snapshot table entry compliancy Max Reitz
2019-10-11 16:32 ` Eric Blake
2019-10-11 15:28 ` [PATCH v3 15/16] iotests: Add peek_file* functions Max Reitz
2019-10-11 15:28 ` [PATCH v3 16/16] iotests: Test qcow2's snapshot table handling Max Reitz
2019-10-28 10:55 ` [PATCH v3 00/16] qcow2: Let check -r all repair some snapshot bits Max Reitz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191011152814.14791-12-mreitz@redhat.com \
--to=mreitz@redhat.com \
--cc=kwolf@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).