[Qemu-devel] [PULL 46/54] block: fix data type casting for crypto payloa

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PULL 46/54] block: fix data type casting for crypto payloa

From:	Kevin Wolf
Subject:	[Qemu-devel] [PULL 46/54] block: fix data type casting for crypto payload offset
Date:	Fri, 6 Oct 2017 17:54:14 +0200

From: "Daniel P. Berrange" <address@hidden>

The crypto APIs report the offset of the data payload as an uint64_t
type, but the block driver is casting to size_t or ssize_t which will
potentially truncate.

Most of the block APIs use int64_t for offsets meanwhile, so even if
using uint64_t in the crypto block driver we are still at risk of
truncation.

Change the block crypto driver to use uint64_t, but add asserts that
the value is less than INT64_MAX.

Reviewed-by: Max Reitz <address@hidden>
Reviewed-by: Eric Blake <address@hidden>
Signed-off-by: Daniel P. Berrange <address@hidden>
Message-id: address@hidden
Signed-off-by: Max Reitz <address@hidden>
---
 block/crypto.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/block/crypto.c b/block/crypto.c
index 684cabeaf8..61f5d77bc0 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -364,8 +364,9 @@ static int block_crypto_truncate(BlockDriverState *bs, 
int64_t offset,
                                  PreallocMode prealloc, Error **errp)
 {
     BlockCrypto *crypto = bs->opaque;
-    size_t payload_offset =
+    uint64_t payload_offset =
         qcrypto_block_get_payload_offset(crypto->block);
+    assert(payload_offset < (INT64_MAX - offset));
 
     offset += payload_offset;
 
@@ -395,8 +396,9 @@ block_crypto_co_readv(BlockDriverState *bs, int64_t 
sector_num,
     uint8_t *cipher_data = NULL;
     QEMUIOVector hd_qiov;
     int ret = 0;
-    size_t payload_offset =
+    uint64_t payload_offset =
         qcrypto_block_get_payload_offset(crypto->block) / 512;
+    assert(payload_offset < (INT64_MAX / 512));
 
     qemu_iovec_init(&hd_qiov, qiov->niov);
 
@@ -462,8 +464,9 @@ block_crypto_co_writev(BlockDriverState *bs, int64_t 
sector_num,
     uint8_t *cipher_data = NULL;
     QEMUIOVector hd_qiov;
     int ret = 0;
-    size_t payload_offset =
+    uint64_t payload_offset =
         qcrypto_block_get_payload_offset(crypto->block) / 512;
+    assert(payload_offset < (INT64_MAX / 512));
 
     qemu_iovec_init(&hd_qiov, qiov->niov);
 
@@ -524,7 +527,9 @@ static int64_t block_crypto_getlength(BlockDriverState *bs)
     BlockCrypto *crypto = bs->opaque;
     int64_t len = bdrv_getlength(bs->file->bs);
 
-    ssize_t offset = qcrypto_block_get_payload_offset(crypto->block);
+    uint64_t offset = qcrypto_block_get_payload_offset(crypto->block);
+    assert(offset < INT64_MAX);
+    assert(offset < len);
 
     len -= offset;
 
-- 
2.13.6

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PULL 31/54] qemu-iotests: get rid of $iam, (continued)
- [Qemu-devel] [PULL 31/54] qemu-iotests: get rid of $iam, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 28/54] qemu-iotests: do not include common.rc in "check", Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 33/54] block: Introduce BdrvChildRole.update_filename, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 39/54] block: Uniform handling of 0-length bdrv_get_block_status(), Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 35/54] qemu-iotests: Allow QMP pretty printing in common.qemu, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 34/54] commit: Support multiple roots above top node, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 32/54] qemu-iotests: merge "check" and "common", Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 38/54] qemu-io: Add -C for opening with copy-on-read, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 37/54] commit: Remove overlay_bs, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 40/54] iotests: Restore stty settings on completion, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 46/54] block: fix data type casting for crypto payload offset, Kevin Wolf <=
- [Qemu-devel] [PULL 45/54] crypto: expose encryption sector size in APIs, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 41/54] block: Add blkdebug hook for copy-on-read, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 42/54] block: Perform copy-on-read in loop, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 44/54] block: use 1 MB bounce buffers for crypto instead of 16KB, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 36/54] qemu-iotests: Test commit block job where top has two parents, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 43/54] iotests: Add test 197 for covering copy-on-read, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 47/54] block: convert crypto driver to bdrv_co_preadv|pwritev, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 50/54] block/mirror: check backing in bdrv_mirror_top_refresh_filename, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 48/54] block: convert qcrypto_block_encrypt|decrypt to take bytes offset, Kevin Wolf, 2017/10/06
- [Qemu-devel] [PULL 51/54] iotests: Fix 195 if IMGFMT is part of TEST_DIR, Kevin Wolf, 2017/10/06

Prev by Date: [Qemu-devel] [PULL 40/54] iotests: Restore stty settings on completion
Next by Date: [Qemu-devel] [PULL 45/54] crypto: expose encryption sector size in APIs
Previous by thread: [Qemu-devel] [PULL 40/54] iotests: Restore stty settings on completion
Next by thread: [Qemu-devel] [PULL 45/54] crypto: expose encryption sector size in APIs
Index(es):
- Date
- Thread