| Message ID | 20180320173632.25480-12-kwolf@redhat.com |
|---|---|
| State | New |
| Headers | show |
| Series | block: Follow-up for .bdrv_co_create (part 1) | expand |
On 03/20/2018 12:36 PM, Kevin Wolf wrote: > It's unclear what the real maximum is, but we use an uint32_t to store > the log size in vhdx_co_create(), so we should check that the given > value fits in 32 bits. > > Signed-off-by: Kevin Wolf <kwolf@redhat.com> > --- > block/vhdx.c | 4 ++++ > 1 file changed, 4 insertions(+) Reviewed-by: Eric Blake <eblake@redhat.com> > > diff --git a/block/vhdx.c b/block/vhdx.c > index 0e48179b81..a1a0302799 100644 > --- a/block/vhdx.c > +++ b/block/vhdx.c > @@ -1829,6 +1829,10 @@ static int coroutine_fn vhdx_co_create(BlockdevCreateOptions *opts, > if (!vhdx_opts->has_log_size) { > log_size = DEFAULT_LOG_SIZE; > } else { > + if (vhdx_opts->log_size > UINT32_MAX) { > + error_setg(errp, "Log size must be smaller than 4 GB"); > + return -EINVAL; > + } > log_size = vhdx_opts->log_size; > } > if (log_size < MiB || (log_size % MiB) != 0) { >
On Tue, Mar 20, 2018 at 06:36:31PM +0100, Kevin Wolf wrote: > It's unclear what the real maximum is, but we use an uint32_t to store > the log size in vhdx_co_create(), so we should check that the given > value fits in 32 bits. > It's a uint32 in the on-disk header per spec, so I agree the implied max is UINT32_MAX Reviewed-by: Jeff Cody <jcody@redhat.com> > Signed-off-by: Kevin Wolf <kwolf@redhat.com> > --- > block/vhdx.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/block/vhdx.c b/block/vhdx.c > index 0e48179b81..a1a0302799 100644 > --- a/block/vhdx.c > +++ b/block/vhdx.c > @@ -1829,6 +1829,10 @@ static int coroutine_fn vhdx_co_create(BlockdevCreateOptions *opts, > if (!vhdx_opts->has_log_size) { > log_size = DEFAULT_LOG_SIZE; > } else { > + if (vhdx_opts->log_size > UINT32_MAX) { > + error_setg(errp, "Log size must be smaller than 4 GB"); > + return -EINVAL; > + } > log_size = vhdx_opts->log_size; > } > if (log_size < MiB || (log_size % MiB) != 0) { > -- > 2.13.6 >
diff --git a/block/vhdx.c b/block/vhdx.c index 0e48179b81..a1a0302799 100644 --- a/block/vhdx.c +++ b/block/vhdx.c @@ -1829,6 +1829,10 @@ static int coroutine_fn vhdx_co_create(BlockdevCreateOptions *opts, if (!vhdx_opts->has_log_size) { log_size = DEFAULT_LOG_SIZE; } else { + if (vhdx_opts->log_size > UINT32_MAX) { + error_setg(errp, "Log size must be smaller than 4 GB"); + return -EINVAL; + } log_size = vhdx_opts->log_size; } if (log_size < MiB || (log_size % MiB) != 0) {
It's unclear what the real maximum is, but we use an uint32_t to store the log size in vhdx_co_create(), so we should check that the given value fits in 32 bits. Signed-off-by: Kevin Wolf <kwolf@redhat.com> --- block/vhdx.c | 4 ++++ 1 file changed, 4 insertions(+)