From: Kevin Wolf <kwolf@redhat.com>
To: qemu-block@nongnu.org
Cc: kwolf@redhat.com, peter.maydell@linaro.org, qemu-devel@nongnu.org
Subject: [PULL 01/64] block: Raise an error when backing file parameter is an empty string
Date: Mon, 7 Sep 2020 13:08:33 +0200 [thread overview]
Message-ID: <20200907110936.261684-2-kwolf@redhat.com> (raw)
In-Reply-To: <20200907110936.261684-1-kwolf@redhat.com>
From: Connor Kuehl <ckuehl@redhat.com>
Providing an empty string for the backing file parameter like so:
qemu-img create -f qcow2 -b '' /tmp/foo
allows the flow of control to reach and subsequently fail an assert
statement because passing an empty string to
bdrv_get_full_backing_filename_from_filename()
simply results in NULL being returned without an error being raised.
To fix this, let's check for an empty string when getting the value from
the opts list.
Reported-by: Attila Fazekas <afazekas@redhat.com>
Fixes: https://bugzilla.redhat.com/1809553
Signed-off-by: Connor Kuehl <ckuehl@redhat.com>
Message-Id: <20200813134722.802180-1-ckuehl@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
block.c | 4 ++++
tests/qemu-iotests/049 | 4 ++++
tests/qemu-iotests/049.out | 5 +++++
3 files changed, 13 insertions(+)
diff --git a/block.c b/block.c
index 2ba76b2c36..b204b93a2e 100644
--- a/block.c
+++ b/block.c
@@ -6119,6 +6119,10 @@ void bdrv_img_create(const char *filename, const char *fmt,
"same filename as the backing file");
goto out;
}
+ if (backing_file[0] == '\0') {
+ error_setg(errp, "Expected backing file name, got empty string");
+ goto out;
+ }
}
backing_fmt = qemu_opt_get(opts, BLOCK_OPT_BACKING_FMT);
diff --git a/tests/qemu-iotests/049 b/tests/qemu-iotests/049
index 051a1c79e0..82b1e6c202 100755
--- a/tests/qemu-iotests/049
+++ b/tests/qemu-iotests/049
@@ -119,6 +119,10 @@ test_qemu_img create -f $IMGFMT -o compat=1.1,lazy_refcounts=on "$TEST_IMG" 64M
test_qemu_img create -f $IMGFMT -o compat=0.10,lazy_refcounts=off "$TEST_IMG" 64M
test_qemu_img create -f $IMGFMT -o compat=0.10,lazy_refcounts=on "$TEST_IMG" 64M
+echo "== Expect error when backing file name is empty string =="
+echo
+test_qemu_img create -f $IMGFMT -b '' $TEST_IMG 1M
+
# success, all done
echo "*** done"
rm -f $seq.full
diff --git a/tests/qemu-iotests/049.out b/tests/qemu-iotests/049.out
index a7e220830d..b1d8fd9107 100644
--- a/tests/qemu-iotests/049.out
+++ b/tests/qemu-iotests/049.out
@@ -209,4 +209,9 @@ qemu-img create -f qcow2 -o compat=0.10,lazy_refcounts=on TEST_DIR/t.qcow2 64M
Formatting 'TEST_DIR/t.qcow2', fmt=qcow2 cluster_size=65536 extended_l2=off compression_type=zlib size=67108864 compat=0.10 lazy_refcounts=on refcount_bits=16
qemu-img: TEST_DIR/t.qcow2: Lazy refcounts only supported with compatibility level 1.1 and above (use version=v3 or greater)
+== Expect error when backing file name is empty string ==
+
+qemu-img create -f qcow2 -b TEST_DIR/t.qcow2 1M
+qemu-img: TEST_DIR/t.qcow2: Expected backing file name, got empty string
+
*** done
--
2.25.4
next prev parent reply other threads:[~2020-09-07 11:11 UTC|newest]
Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-07 11:08 [PULL 00/64] Block layer patches Kevin Wolf
2020-09-07 11:08 ` Kevin Wolf [this message]
2020-09-07 11:08 ` [PULL 02/64] block/nvme: Replace magic value by SCALE_MS definition Kevin Wolf
2020-09-07 11:08 ` [PULL 03/64] block/nvme: Avoid further processing if trace event not enabled Kevin Wolf
2020-09-07 11:08 ` [PULL 04/64] block/nvme: Let nvme_create_queue_pair() fail gracefully Kevin Wolf
2020-09-07 11:08 ` [PULL 05/64] block/nvme: Define INDEX macros to ease code review Kevin Wolf
2020-09-07 11:08 ` [PULL 06/64] block/nvme: Improve error message when IO queue creation failed Kevin Wolf
2020-09-07 11:08 ` [PULL 07/64] block/nvme: Use common error path in nvme_add_io_queue() Kevin Wolf
2020-09-07 11:08 ` [PULL 08/64] block/nvme: Rename local variable Kevin Wolf
2020-09-07 11:08 ` [PULL 09/64] block/nvme: Use union of NvmeIdCtrl / NvmeIdNs structures Kevin Wolf
2020-09-07 11:08 ` [PULL 10/64] block/nvme: Replace qemu_try_blockalign0 by qemu_try_blockalign/memset Kevin Wolf
2020-09-07 11:08 ` [PULL 11/64] block/nvme: Replace qemu_try_blockalign(bs) by qemu_try_memalign(pg_sz) Kevin Wolf
2020-09-07 11:08 ` [PULL 12/64] block/nvme: Simplify nvme_init_queue() arguments Kevin Wolf
2020-09-07 11:08 ` [PULL 13/64] block/nvme: Replace BDRV_POLL_WHILE by AIO_WAIT_WHILE Kevin Wolf
2020-09-07 11:08 ` [PULL 14/64] block/nvme: Simplify nvme_create_queue_pair() arguments Kevin Wolf
2020-09-07 11:08 ` [PULL 15/64] block/nvme: Extract nvme_poll_queue() Kevin Wolf
2020-09-07 11:08 ` [PULL 16/64] block/nvme: Use an array of EventNotifier Kevin Wolf
2020-09-07 11:08 ` [PULL 17/64] block: Add child access functions Kevin Wolf
2020-09-07 11:08 ` [PULL 18/64] block: Add chain helper functions Kevin Wolf
2020-09-07 11:08 ` [PULL 19/64] block: bdrv_cow_child() for bdrv_has_zero_init() Kevin Wolf
2020-09-07 11:08 ` [PULL 20/64] block: bdrv_set_backing_hd() is about bs->backing Kevin Wolf
2020-09-07 11:08 ` [PULL 21/64] block: Include filters when freezing backing chain Kevin Wolf
2020-09-07 11:08 ` [PULL 22/64] block: Drop bdrv_is_encrypted() Kevin Wolf
2020-09-07 11:08 ` [PULL 23/64] block: Add bdrv_supports_compressed_writes() Kevin Wolf
2020-09-07 11:08 ` [PULL 24/64] throttle: Support compressed writes Kevin Wolf
2020-09-07 11:08 ` [PULL 25/64] copy-on-read: " Kevin Wolf
2020-09-07 11:08 ` [PULL 26/64] block: Use bdrv_filter_(bs|child) where obvious Kevin Wolf
2020-09-07 11:08 ` [PULL 27/64] block: Use CAFs in block status functions Kevin Wolf
2020-09-07 11:09 ` [PULL 28/64] stream: Deal with filters Kevin Wolf
2020-09-07 11:09 ` [PULL 29/64] block: Use CAFs when working with backing chains Kevin Wolf
2020-09-07 11:09 ` [PULL 30/64] block: Use bdrv_cow_child() in bdrv_co_truncate() Kevin Wolf
2020-09-07 11:09 ` [PULL 31/64] block: Re-evaluate backing file handling in reopen Kevin Wolf
2020-09-07 11:09 ` [PULL 32/64] block: Flush all children in generic code Kevin Wolf
2020-09-07 11:09 ` [PULL 33/64] vmdk: Drop vmdk_co_flush() Kevin Wolf
2020-09-07 11:09 ` [PULL 34/64] block: Iterate over children in refresh_limits Kevin Wolf
2020-09-07 11:09 ` [PULL 35/64] block: Use CAFs in bdrv_refresh_filename() Kevin Wolf
2020-09-07 11:09 ` [PULL 36/64] block: Use CAF in bdrv_co_rw_vmstate() Kevin Wolf
2020-09-07 11:09 ` [PULL 37/64] block/snapshot: Fix fallback Kevin Wolf
2021-04-30 22:30 ` Peter Maydell
2021-05-03 9:40 ` Kevin Wolf
2021-05-03 9:45 ` Max Reitz
2021-05-03 10:17 ` Kevin Wolf
2020-09-07 11:09 ` [PULL 38/64] block: Use CAFs for debug breakpoints Kevin Wolf
2020-09-07 11:09 ` [PULL 39/64] block: Improve get_allocated_file_size's default Kevin Wolf
2020-09-07 11:09 ` [PULL 40/64] block/null: Implement bdrv_get_allocated_file_size Kevin Wolf
2020-09-07 11:09 ` [PULL 41/64] blockdev: Use CAF in external_snapshot_prepare() Kevin Wolf
2020-09-07 11:09 ` [PULL 42/64] block: Report data child for query-blockstats Kevin Wolf
2020-09-07 11:09 ` [PULL 43/64] block: Use child access functions for QAPI queries Kevin Wolf
2020-09-07 11:09 ` [PULL 44/64] block-copy: Use CAF to find sync=top base Kevin Wolf
2020-09-07 11:09 ` [PULL 45/64] mirror: Deal with filters Kevin Wolf
2020-09-07 11:09 ` [PULL 46/64] backup: " Kevin Wolf
2020-09-07 11:09 ` [PULL 47/64] commit: " Kevin Wolf
2020-09-07 11:09 ` [PULL 48/64] nbd: Use CAF when looking for dirty bitmap Kevin Wolf
2020-09-07 11:09 ` [PULL 49/64] qemu-img: Use child access functions Kevin Wolf
2020-09-07 11:09 ` [PULL 50/64] block: Drop backing_bs() Kevin Wolf
2020-09-07 11:09 ` [PULL 51/64] blockdev: Fix active commit choice Kevin Wolf
2020-09-07 11:09 ` [PULL 52/64] block: Inline bdrv_co_block_status_from_*() Kevin Wolf
2020-09-07 11:09 ` [PULL 53/64] block: Leave BDS.backing_{file,format} constant Kevin Wolf
2020-09-07 11:09 ` [PULL 54/64] iotests: Test that qcow2's data-file is flushed Kevin Wolf
2020-09-07 11:09 ` [PULL 55/64] iotests: Let complete_and_wait() work with commit Kevin Wolf
2020-09-07 11:09 ` [PULL 56/64] iotests: Add filter commit test cases Kevin Wolf
2020-09-07 11:09 ` [PULL 57/64] iotests: Add filter mirror " Kevin Wolf
2020-09-07 11:09 ` [PULL 58/64] iotests: Add test for commit in sub directory Kevin Wolf
2020-09-07 11:09 ` [PULL 59/64] iotests: Test committing to overridden backing Kevin Wolf
2020-09-07 11:09 ` [PULL 60/64] iotests: Allow running from different directory Kevin Wolf
2020-09-07 11:09 ` [PULL 61/64] file-win32: Fix "locking" option Kevin Wolf
2020-09-07 11:09 ` [PULL 62/64] block/nvme: Group controller registers in NVMeRegs structure Kevin Wolf
2020-09-07 11:09 ` [PULL 63/64] block/nvme: Use generic NvmeBar structure Kevin Wolf
2020-09-07 11:09 ` [PULL 64/64] block/nvme: Pair doorbell registers Kevin Wolf
2020-09-07 20:22 ` [PULL 00/64] Block layer patches Peter Maydell
2020-09-08 7:01 ` Kevin Wolf
2020-09-08 9:01 ` Max Reitz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200907110936.261684-2-kwolf@redhat.com \
--to=kwolf@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).