|
| From: | Eric Blake |
| Subject: | Re: [PATCH] qcow2: Avoid integer wraparound in qcow2_co_truncate() |
| Date: | Mon, 4 May 2020 09:51:32 -0500 |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0 |
On 5/4/20 8:47 AM, Alberto Garcia wrote:
Drop this hunk (leave zero_start unchanged), and instead...So, using your numbers, pre-patch, we have zero_start = 0x90000 (0x82000 rounded up to 0x10000 alignment). post-patch, the new MIN() lowers it back to 0x8dc00 (the new size), which is unaligned./* * Use zero clusters as much as we can. qcow2_cluster_zeroize() * requires a cluster-aligned start. The end may be unaligned if it is* at the end of the image (which it is here). */ ret = qcow2_cluster_zeroize(bs, zero_start, offset - zero_start, 0);...patch _this_ call to compute 'QEMU_ALIGN_UP(offset, s->cluster_size) - zero_start' for the length.That would work, but then we would be writing zeroes beyond the end of the image (but still within the last cluster). The other solution is to keep my hunk and call qcow2_cluster_zeroize() only when offset > zero_start.
Yes, that would work, and probably less complicated. -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3226 Virtualization: qemu.org | libvirt.org
| [Prev in Thread] | Current Thread | [Next in Thread] |