qemu-devel.nongnu.org archive mirror
From: Eric Blake <eblake@redhat.com>
To: Max Reitz <mreitz@redhat.com>, qemu-block@nongnu.org
Cc: Kevin Wolf <kwolf@redhat.com>, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH v2 04/16] qcow2: Keep unknown extra snapshot data
Date: Mon, 19 Aug 2019 14:34:54 -0500	[thread overview]
Message-ID: <85d04ded-0bf6-ab67-7af9-cc97f30ad366@redhat.com> (raw)
In-Reply-To: <20190819185602.4267-5-mreitz@redhat.com>



On 8/19/19 1:55 PM, Max Reitz wrote:
> The qcow2 specification says to ignore unknown extra data fields in
> snapshot table entries.  Currently, we discard it whenever we update the
> image, which is a bit different from "ignore".
> 
> This patch makes the qcow2 driver keep all unknown extra data fields
> when updating an image's snapshot table.
> 

> @@ -80,31 +80,53 @@ int qcow2_read_snapshots(BlockDriverState *bs, Error **errp)
>          sn->date_sec = be32_to_cpu(h.date_sec);
>          sn->date_nsec = be32_to_cpu(h.date_nsec);
>          sn->vm_clock_nsec = be64_to_cpu(h.vm_clock_nsec);
> -        extra_data_size = be32_to_cpu(h.extra_data_size);
> +        sn->extra_data_size = be32_to_cpu(h.extra_data_size);
>  
>          id_str_size = be16_to_cpu(h.id_str_size);
>          name_size = be16_to_cpu(h.name_size);
>  
> -        /* Read extra data */
> +        if (sn->extra_data_size > QCOW_MAX_SNAPSHOT_EXTRA_DATA) {
> +            ret = -EFBIG;
> +            error_setg(errp, "Too much extra metadata in snapshot table "
> +                       "entry %i", i);
> +            goto fail;
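Review bot: the error_setg() message "Too much extra metadata in snapshot table entry %i" names the offending entry but not the size that was rejected or the limit it exceeded; including `sn->extra_data_size` and `QCOW_MAX_SNAPSHOT_EXTRA_DATA` in the message would let an administrator distinguish a slightly oversized image from a corrupted or crafted one without a hex dump. Performing this check before any allocation, as the hunk does, is the right order, since extra_data_size is read straight from the image file.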

We fail if extra_data_size is > 1024...


> +        if (sn->extra_data_size > sizeof(extra)) {
> +            /* Store unknown extra data */
> +            size_t unknown_extra_data_size =
> +                sn->extra_data_size - sizeof(extra);
> +

But read at most 1008 bytes into sn->unknown_extra_data.

> @@ -234,6 +257,22 @@ static int qcow2_write_snapshots(BlockDriverState *bs)
>          }
>          offset += sizeof(extra);
>  
> +        if (sn->extra_data_size > sizeof(extra)) {
> +            size_t unknown_extra_data_size =
> +                sn->extra_data_size - sizeof(extra);
> +
> +            /* qcow2_read_snapshots() ensures no unbounded allocation */
> +            assert(unknown_extra_data_size <= BDRV_REQUEST_MAX_BYTES);
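Review bot: the comment attributes the bound to qcow2_read_snapshots(), but the read side rejects sizes above QCOW_MAX_SNAPSHOT_EXTRA_DATA while this assert checks against BDRV_REQUEST_MAX_BYTES, so the two limits are not tied to each other and a later change to one would not be caught by the other; write the assertion in terms of the constant the read path actually enforces, e.g. `assert(unknown_extra_data_size <= QCOW_MAX_SNAPSHOT_EXTRA_DATA - sizeof(extra));`, so the invariant the comment documents is the one being checked.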

So this assertion is quite loose in what it permits; tighter would be

assert(unknown_extra_data_size <= QCOW_MAX_SNAPSHOT_EXTRA_DATA - sizeof(extra))

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org


