From: Alberto Garcia
To: qemu-devel@nongnu.org
Cc: Kevin Wolf, Vladimir Sementsov-Ogievskiy, Alberto Garcia, qemu-block@nongnu.org, Pavel Butsykin, Max Reitz, Andrey Shinkevich
Subject: [PATCH v2] qcow2: Check request size in qcow2_co_pwritev_compressed_part()
Date: Mon, 6 Apr 2020 16:34:01 +0200
Message-Id: <20200406143401.26854-1-berto@igalia.com>

When issuing a compressed write request the number of bytes must be a
multiple of the cluster size or reach the end of the last cluster.

With the current code such requests are allowed and we hit an
assertion:

   $ qemu-img create -f qcow2 img.qcow2 1M
   $ qemu-io -c 'write -c 0 32k' img.qcow2

   qemu-io: block/qcow2.c:4257: qcow2_co_pwritev_compressed_task:
   Assertion `bytes == s->cluster_size || (bytes < s->cluster_size &&
              (offset + bytes == bs->total_sectors << BDRV_SECTOR_BITS))' failed.
   Aborted

This patch fixes a regression introduced in 0d483dce38

Signed-off-by: Alberto Garcia
Reviewed-by: Andrey Shinkevich
Reviewed-by: Vladimir Sementsov-Ogievskiy
---
 block/qcow2.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/block/qcow2.c b/block/qcow2.c index 2bb536b014..587cf51948 100644 --- a/block/qcow2.c +++ b/block/qcow2.c
@@ -4349,6 +4349,11 @@ qcow2_co_pwritev_compressed_part(BlockDriverState *b= s, return -EINVAL; } =20 + if (offset_into_cluster(s, bytes) && + (offset + bytes) !=3D (bs->total_sectors << BDRV_SECTOR_BITS)) { + return -EINVAL; + } + while (bytes && aio_task_pool_status(aio) =3D=3D 0) { uint64_t chunk_size =3D MIN(bytes, s->cluster_size); =20 --=20 2.20.1
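
Review bot: the size check added before the `while (bytes && ...)` loop has no comment, and the diffstat shows only block/qcow2.c changed, so nothing pins the reproducer from the commit message. A short comment would help here because `offset_into_cluster(s, bytes)` is applied to a length rather than an offset; it should say that a length which is not a multiple of the cluster size is accepted only when `offset + bytes` reaches the end of the image. A test case that runs `write -c 0 32k` against the 1M image and expects an error return instead of the abort would keep the assertion in qcow2_co_pwritev_compressed_task from becoming reachable again.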