From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:33311)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <den@virtuozzo.com>) id 1bSThb-0000ao-Nq
	for qemu-devel@nongnu.org; Wed, 27 Jul 2016 14:37:08 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <den@virtuozzo.com>) id 1bSThY-0007NN-Fs
	for qemu-devel@nongnu.org; Wed, 27 Jul 2016 14:37:07 -0400
References: <1469638872-12064-1-git-send-email-den@openvz.org>
From: "Denis V. Lunev" <den@openvz.org>
Message-ID: <5798E9C5.7040307@openvz.org>
Date: Wed, 27 Jul 2016 19:05:09 +0200
MIME-Version: 1.0
In-Reply-To: <1469638872-12064-1-git-send-email-den@openvz.org>
Content-Type: text/plain; charset="windows-1252"; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH 1/1] block/parallels: check new image size
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-block@nongnu.org, qemu-devel@nongnu.org
Cc: Klim Kireev <sproff@linux.com>, Klim Kireev <proffk@virtuozzo.mipt.com>, Stefan Hajnoczi <stefanha@redhat.com>

On 07/27/2016 07:01 PM, Denis V. Lunev wrote:
> From: Klim Kireev <sproff@linux.com>
>
> Before this patch incorrect image could be created via qemu-img
> (Example: qemu-img create -f parallels -o size=4096T hack.img),
> incorrect images cannot be used due to overflow in main image structure.
>
> This patch add check of size in image creation.
>
> After reading size it compare it with UINT32_MAX * cluster_size.
>
> Signed-off-by: Klim Kireev <proffk@virtuozzo.mipt.com>
> Signed-off-by: Denis V. Lunev <den@openvz.org>
> CC: Stefan Hajnoczi <stefanha@redhat.com>
> ---
>   block/parallels.c | 5 +++++
>   1 file changed, 5 insertions(+)
>
> diff --git a/block/parallels.c b/block/parallels.c
> index 807a801..a0bc95b 100644
> --- a/block/parallels.c
> +++ b/block/parallels.c
> @@ -43,6 +43,7 @@
>   #define HEADER_MAGIC2 "WithouFreSpacExt"
>   #define HEADER_VERSION 2
>   #define HEADER_INUSE_MAGIC  (0x746F6E59)
> +#define MAX_PARALLELS_IMAGE_FACTOR (1ull << 32)
>   
>   #define DEFAULT_CLUSTER_SIZE 1048576        /* 1 MiB */
>   
> @@ -475,6 +476,10 @@ static int parallels_create(const char *filename, QemuOpts *opts, Error **errp)
>                             BDRV_SECTOR_SIZE);
>       cl_size = ROUND_UP(qemu_opt_get_size_del(opts, BLOCK_OPT_CLUSTER_SIZE,
>                             DEFAULT_CLUSTER_SIZE), BDRV_SECTOR_SIZE);
> +    if (total_size >= MAX_PARALLELS_IMAGE_FACTOR * cl_size) {
> +        error_propagate(errp, local_err);
> +        return -E2BIG;
> +    }
>   
>       ret = bdrv_create_file(filename, opts, &local_err);
>       if (ret < 0) {
pls drop this. I have to resubmit it.