From nobody Fri Nov 7 12:35:13 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1539106138748876.5955511871415; Tue, 9 Oct 2018 10:28:58 -0700 (PDT) Received: from localhost ([::1]:53067 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g9voX-0007Fk-N1 for importer@patchew.org; Tue, 09 Oct 2018 13:28:57 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:46609) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1g9vks-0004fr-85 for qemu-devel@nongnu.org; Tue, 09 Oct 2018 13:25:11 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1g9vkr-00058r-5A for qemu-devel@nongnu.org; Tue, 09 Oct 2018 13:25:10 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:51720) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1g9vkq-00053d-R1; Tue, 09 Oct 2018 13:25:09 -0400 Received: from pm215 by orth.archaic.org.uk with local (Exim 4.89) (envelope-from ) id 1g9vkn-00053x-99; Tue, 09 Oct 2018 18:25:05 +0100 From: Peter Maydell To: qemu-devel@nongnu.org Date: Tue, 9 Oct 2018 18:24:59 +0100 Message-Id: <20181009172501.17353-2-peter.maydell@linaro.org> X-Mailer: git-send-email 2.19.0 In-Reply-To: <20181009172501.17353-1-peter.maydell@linaro.org> References: <20181009172501.17353-1-peter.maydell@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2001:8b0:1d0::2 Subject: [Qemu-devel] [PATCH 1/3] block/qcow2: Don't take address of fields in packed structs X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , qemu-block@nongnu.org, Max Reitz Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RDMRC_1 RSF_0 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Taking the address of a field in a packed struct is a bad idea, because it might not be actually aligned enough for that pointer type (and thus cause a crash on dereference on some host architectures). Newer versions of clang warn about this. Avoid the bug by not using the "modify in place" byte swapping functions. There are a few places where the in-place swap function is used on something other than a packed struct field; we convert those anyway, for consistency. This patch was produced with the following spatch script (and hand-editing to fold a few resulting overlength lines): @@ expression E; @@ -be16_to_cpus(&E); +E =3D be16_to_cpu(E); @@ expression E; @@ -be32_to_cpus(&E); +E =3D be32_to_cpu(E); @@ expression E; @@ -be64_to_cpus(&E); +E =3D be64_to_cpu(E); @@ expression E; @@ -cpu_to_be16s(&E); +E =3D cpu_to_be16(E); @@ expression E; @@ -cpu_to_be32s(&E); +E =3D cpu_to_be32(E); @@ expression E; @@ -cpu_to_be64s(&E); +E =3D cpu_to_be64(E); Signed-off-by: Peter Maydell --- block/qcow2.c | 64 +++++++++++++++++++++++++++------------------------ 1 file changed, 34 insertions(+), 30 deletions(-) diff --git a/block/qcow2.c b/block/qcow2.c index 7277feda135..33e12bbe0fd 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -210,8 +210,8 @@ static int qcow2_read_extensions(BlockDriverState *bs, = uint64_t start_offset, "pread fail from offset %" PRIu64, offset); return 1; } - be32_to_cpus(&ext.magic); - be32_to_cpus(&ext.len); + ext.magic =3D be32_to_cpu(ext.magic); + ext.len =3D be32_to_cpu(ext.len); offset +=3D sizeof(ext); #ifdef DEBUG_EXT printf("ext.magic =3D 0x%x\n", ext.magic); @@ -279,8 +279,8 @@ static int qcow2_read_extensions(BlockDriverState *bs, = uint64_t start_offset, "Unable to read CRYPTO header extension"); return ret; } - be64_to_cpus(&s->crypto_header.offset); - be64_to_cpus(&s->crypto_header.length); + s->crypto_header.offset =3D be64_to_cpu(s->crypto_header.offse= t); + s->crypto_header.length =3D be64_to_cpu(s->crypto_header.lengt= h); =20 if ((s->crypto_header.offset % s->cluster_size) !=3D 0) { error_setg(errp, "Encryption header offset '%" PRIu64 "' i= s " @@ -342,9 +342,11 @@ static int qcow2_read_extensions(BlockDriverState *bs,= uint64_t start_offset, return -EINVAL; } =20 - be32_to_cpus(&bitmaps_ext.nb_bitmaps); - be64_to_cpus(&bitmaps_ext.bitmap_directory_size); - be64_to_cpus(&bitmaps_ext.bitmap_directory_offset); + bitmaps_ext.nb_bitmaps =3D be32_to_cpu(bitmaps_ext.nb_bitmaps); + bitmaps_ext.bitmap_directory_size =3D + be64_to_cpu(bitmaps_ext.bitmap_directory_size); + bitmaps_ext.bitmap_directory_offset =3D + be64_to_cpu(bitmaps_ext.bitmap_directory_offset); =20 if (bitmaps_ext.nb_bitmaps > QCOW2_MAX_BITMAPS) { error_setg(errp, @@ -1160,19 +1162,20 @@ static int coroutine_fn qcow2_do_open(BlockDriverSt= ate *bs, QDict *options, error_setg_errno(errp, -ret, "Could not read qcow2 header"); goto fail; } - be32_to_cpus(&header.magic); - be32_to_cpus(&header.version); - be64_to_cpus(&header.backing_file_offset); - be32_to_cpus(&header.backing_file_size); - be64_to_cpus(&header.size); - be32_to_cpus(&header.cluster_bits); - be32_to_cpus(&header.crypt_method); - be64_to_cpus(&header.l1_table_offset); - be32_to_cpus(&header.l1_size); - be64_to_cpus(&header.refcount_table_offset); - be32_to_cpus(&header.refcount_table_clusters); - be64_to_cpus(&header.snapshots_offset); - be32_to_cpus(&header.nb_snapshots); + header.magic =3D be32_to_cpu(header.magic); + header.version =3D be32_to_cpu(header.version); + header.backing_file_offset =3D be64_to_cpu(header.backing_file_offset); + header.backing_file_size =3D be32_to_cpu(header.backing_file_size); + header.size =3D be64_to_cpu(header.size); + header.cluster_bits =3D be32_to_cpu(header.cluster_bits); + header.crypt_method =3D be32_to_cpu(header.crypt_method); + header.l1_table_offset =3D be64_to_cpu(header.l1_table_offset); + header.l1_size =3D be32_to_cpu(header.l1_size); + header.refcount_table_offset =3D be64_to_cpu(header.refcount_table_off= set); + header.refcount_table_clusters =3D + be32_to_cpu(header.refcount_table_clusters); + header.snapshots_offset =3D be64_to_cpu(header.snapshots_offset); + header.nb_snapshots =3D be32_to_cpu(header.nb_snapshots); =20 if (header.magic !=3D QCOW_MAGIC) { error_setg(errp, "Image is not in qcow2 format"); @@ -1208,11 +1211,12 @@ static int coroutine_fn qcow2_do_open(BlockDriverSt= ate *bs, QDict *options, header.refcount_order =3D 4; header.header_length =3D 72; } else { - be64_to_cpus(&header.incompatible_features); - be64_to_cpus(&header.compatible_features); - be64_to_cpus(&header.autoclear_features); - be32_to_cpus(&header.refcount_order); - be32_to_cpus(&header.header_length); + header.incompatible_features =3D + be64_to_cpu(header.incompatible_features); + header.compatible_features =3D be64_to_cpu(header.compatible_featu= res); + header.autoclear_features =3D be64_to_cpu(header.autoclear_feature= s); + header.refcount_order =3D be32_to_cpu(header.refcount_order); + header.header_length =3D be32_to_cpu(header.header_length); =20 if (header.header_length < 104) { error_setg(errp, "qcow2 header too short"); @@ -1401,7 +1405,7 @@ static int coroutine_fn qcow2_do_open(BlockDriverStat= e *bs, QDict *options, goto fail; } for(i =3D 0;i < s->l1_size; i++) { - be64_to_cpus(&s->l1_table[i]); + s->l1_table[i] =3D be64_to_cpu(s->l1_table[i]); } } =20 @@ -2346,13 +2350,13 @@ int qcow2_update_header(BlockDriverState *bs) =20 /* Full disk encryption header pointer extension */ if (s->crypto_header.offset !=3D 0) { - cpu_to_be64s(&s->crypto_header.offset); - cpu_to_be64s(&s->crypto_header.length); + s->crypto_header.offset =3D cpu_to_be64(s->crypto_header.offset); + s->crypto_header.length =3D cpu_to_be64(s->crypto_header.length); ret =3D header_ext_add(buf, QCOW2_EXT_MAGIC_CRYPTO_HEADER, &s->crypto_header, sizeof(s->crypto_header), buflen); - be64_to_cpus(&s->crypto_header.offset); - be64_to_cpus(&s->crypto_header.length); + s->crypto_header.offset =3D be64_to_cpu(s->crypto_header.offset); + s->crypto_header.length =3D be64_to_cpu(s->crypto_header.length); if (ret < 0) { goto fail; } --=20 2.19.0