[06/30] block: open backing file as read-only when probing for size

Message ID 1336650574-12835-7-git-send-email-kwolf@redhat.com
State New
Headers show

Commit Message

Kevin Wolf May 10, 2012, 11:49 a.m.
From: Paolo Bonzini <pbonzini@redhat.com>

bdrv_img_create will temporarily open the backing file to probe its size.
However, this could be done with a read-write open if the wrong flags are
passed to bdrv_img_create.  Since there is really no documentation on
what flags can be passed, assume that bdrv_img_create receives the flags
with which the new image will be opened; sanitize them when opening
the backing file.

Reported-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
 block.c |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)


diff --git a/block.c b/block.c
index dbd60e3..754a422 100644
--- a/block.c
+++ b/block.c
@@ -4103,10 +4103,15 @@  int bdrv_img_create(const char *filename, const char *fmt,
         if (backing_file && backing_file->value.s) {
             uint64_t size;
             char buf[32];
+            int back_flags;
+            /* backing files always opened read-only */
+            back_flags =
+                flags & ~(BDRV_O_RDWR | BDRV_O_SNAPSHOT | BDRV_O_NO_BACKING);
             bs = bdrv_new("");
-            ret = bdrv_open(bs, backing_file->value.s, flags, backing_drv);
+            ret = bdrv_open(bs, backing_file->value.s, back_flags, backing_drv);
             if (ret < 0) {
                 error_report("Could not open '%s'", backing_file->value.s);
                 goto out;