[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-block] [PATCH] qcow2 spec: Describe string header extensions

From: Eric Blake
Subject: Re: [Qemu-block] [PATCH] qcow2 spec: Describe string header extensions
Date: Thu, 7 Mar 2019 11:40:25 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.5.1

On 3/7/19 10:53 AM, Kevin Wolf wrote:
> Be more specific about the string representation in header extensions.
> Suggested-by: Stefan Hajnoczi <address@hidden>
> Signed-off-by: Kevin Wolf <address@hidden>
> ---
>  docs/interop/qcow2.txt | 14 ++++++++++++--
>  1 file changed, 12 insertions(+), 2 deletions(-)

Based-on: <address@hidden>

> +== String header extensions ==
> +
> +Some header extensions (such as the backing file format name and the external
> +data file name) are just a single string. In this case, the header extension
> +length is the string length and the string is not '\0' terminated. (The 
> header
> +extension padding can make it look like a string is '\0' terminated, but
> +neither is padding always necessary nor is there a guarantee that zero bytes
> +are used for padding.)

We didn't require 0 padding?  (goes and re-reads) - oops, yes that's
correct. It makes it harder to extend a struct by making use of that
padding if you can't guarantee what the padding had to be prior to the
extension, and means that you have to consider whether there are any
potential security risks of the padding being used as a side channel to
leak information while still being a well-formed file. But changing the
standard to require zero padding is different than documenting existing
practice, so your patch is correct.

Reviewed-by: Eric Blake <address@hidden>

Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]