Commit 54c42368f57c02b0970bb32b4542f99b913908ba
1 parent
ae2f14af
qcow2: Add plausibility check for L1/L2 entries (Kevin Wolf)
From: Kevin Wolf <kwolf@redhat.com> All L1 and L2 entries must point at the start of a cluster. If there is some offset into the cluster, the entry is corrupted. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@7217 c046a42c-6fe2-441c-8c8c-71466251a162
Showing
1 changed file
with
14 additions
and
0 deletions
block-qcow2.c
| ... | ... | @@ -2666,6 +2666,13 @@ static int check_refcounts_l2(BlockDriverState *bs, |
| 2666 | 2666 | errors += inc_refcounts(bs, refcount_table, |
| 2667 | 2667 | refcount_table_size, |
| 2668 | 2668 | offset, s->cluster_size); |
| 2669 | + | |
| 2670 | + /* Correct offsets are cluster aligned */ | |
| 2671 | + if (offset & (s->cluster_size - 1)) { | |
| 2672 | + fprintf(stderr, "ERROR offset=%" PRIx64 ": Cluster is not " | |
| 2673 | + "properly aligned; L2 entry corrupted.\n", offset); | |
| 2674 | + errors++; | |
| 2675 | + } | |
| 2669 | 2676 | } |
| 2670 | 2677 | } |
| 2671 | 2678 | } |
| ... | ... | @@ -2734,6 +2741,13 @@ static int check_refcounts_l1(BlockDriverState *bs, |
| 2734 | 2741 | l2_offset, |
| 2735 | 2742 | s->cluster_size); |
| 2736 | 2743 | |
| 2744 | + /* L2 tables are cluster aligned */ | |
| 2745 | + if (l2_offset & (s->cluster_size - 1)) { | |
| 2746 | + fprintf(stderr, "ERROR l2_offset=%" PRIx64 ": Table is not " | |
| 2747 | + "cluster aligned; L1 entry corrupted\n", l2_offset); | |
| 2748 | + errors++; | |
| 2749 | + } | |
| 2750 | + | |
| 2737 | 2751 | /* Process and check L2 entries */ |
| 2738 | 2752 | ret = check_refcounts_l2(bs, refcount_table, refcount_table_size, |
| 2739 | 2753 | l2_offset, check_copied); | ... | ... |