[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [RFC PATCH 22/56] block: Mix up signed and unsigned less in
|
From: |
Markus Armbruster |
|
Subject: |
[Qemu-devel] [RFC PATCH 22/56] block: Mix up signed and unsigned less in bdrv_img_create() |
|
Date: |
Mon, 7 Aug 2017 16:45:26 +0200 |
@size is declared int64_t. It's set in two places.
The second one assigns the (signed) value of bdrv_getlength(), then
errors out if its negative.
The first one assigns qemu_opt_get_size(opts, BLOCK_OPT_SIZE, 0),
i.e. an uint64_t value. What if it exceeds INT64_MAX? Is that even
possible? Turns out it is:
$ qemu-img create -o size=9223372036854775808 foo.img
On closer examination, the code still works as long as converting from
uint64_t to int64_t and back doesn't change the value.
Implementation-defined behavior, but sane implementations behave.
Things actually break elsewhere for such sizes, e.g. file-posix.c's
raw_create().
Clean this up.
Signed-off-by: Markus Armbruster <address@hidden>
---
block.c | 17 ++++++++++-------
1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/block.c b/block.c
index ce9cce7..04cce0d 100644
--- a/block.c
+++ b/block.c
@@ -4309,7 +4309,8 @@ void bdrv_img_create(const char *filename, const char
*fmt,
QemuOptsList *create_opts = NULL;
QemuOpts *opts = NULL;
const char *backing_fmt, *backing_file;
- int64_t size;
+ uint64_t size;
+ int64_t backing_size;
BlockDriver *drv, *proto_drv;
Error *local_err = NULL;
int ret = 0;
@@ -4414,7 +4415,7 @@ void bdrv_img_create(const char *filename, const char
*fmt,
bs = bdrv_open(full_backing, NULL, backing_options, back_flags,
&local_err);
g_free(full_backing);
- if (!bs && size != -1) {
+ if (!bs && size != UINT64_MAX) {
/* Couldn't open BS, but we have a size, so it's nonfatal */
warn_reportf_err(local_err,
"Could not verify backing image. "
@@ -4426,22 +4427,24 @@ void bdrv_img_create(const char *filename, const char
*fmt,
"Could not open backing image to determine
size.\n");
goto out;
} else {
- if (size == -1) {
+ if (size == UINT64_MAX) {
/* Opened BS, have no size */
- size = bdrv_getlength(bs);
- if (size < 0) {
- error_setg_errno(errp, -size, "Could not get size of '%s'",
+ backing_size = bdrv_getlength(bs);
+ if (backing_size < 0) {
+ error_setg_errno(errp, -backing_size,
+ "Could not get size of '%s'",
backing_file);
bdrv_unref(bs);
goto out;
}
+ size = backing_size;
qemu_opt_set_number(opts, BLOCK_OPT_SIZE, size, &error_abort);
}
bdrv_unref(bs);
}
} /* (backing_file && !(flags & BDRV_O_NO_BACKING)) */
- if (size == -1) {
+ if (size == UINT64_MAX) {
error_setg(errp, "Image creation needs a size parameter");
goto out;
}
--
2.7.5
- Re: [Qemu-devel] [RFC PATCH 01/56] qobject: Touch up comments to say @param instead of 'param', (continued)
- [Qemu-devel] [RFC PATCH 17/56] migration: Make MigrationStats sizes unsigned in QAPI/QMP, Markus Armbruster, 2017/08/07
- [Qemu-devel] [RFC PATCH 19/56] block: Make snapshot VM state size unsigned in QAPI/QMP, Markus Armbruster, 2017/08/07
- [Qemu-devel] [RFC PATCH 13/56] pci: Make PCI addresses and sizes unsigned in QAPI/QMP, Markus Armbruster, 2017/08/07
- [Qemu-devel] [RFC PATCH 16/56] migration: Make XBZRLE transferred size unsigned in QAPI/QMP, Markus Armbruster, 2017/08/07
- [Qemu-devel] [RFC PATCH 21/56] block: Clean up get_human_readable_size(), Markus Armbruster, 2017/08/07
- [Qemu-devel] [RFC PATCH 22/56] block: Mix up signed and unsigned less in bdrv_img_create(),
Markus Armbruster <=
- [Qemu-devel] [RFC PATCH 25/56] block/qcow2: Change qcow2_calc_prealloc_size() to uint64_t, Markus Armbruster, 2017/08/07
- [Qemu-devel] [RFC PATCH 24/56] block/qcow2: Change align_offset() to operate on uint64_t, Markus Armbruster, 2017/08/07
- [Qemu-devel] [RFC PATCH 18/56] migration: Make parameter max-bandwidth unsigned in QAPI/QMP, Markus Armbruster, 2017/08/07
- [Qemu-devel] [RFC PATCH 02/56] qdict: New helpers to put and get unsigned integers, Markus Armbruster, 2017/08/07
- [Qemu-devel] [RFC PATCH 06/56] char: Don't truncate -chardev and HMP chardev-add ringbuf size, Markus Armbruster, 2017/08/07
- [Qemu-devel] [RFC PATCH 15/56] migration: Make XBZRLE cache size unsigned in QAPI/QMP, Markus Armbruster, 2017/08/07