qcow2: Assert against snapshot name/ID overflow

qcow2_write_snapshots relies on the length of every snapshot ID and name fitting into an unsigned 16 bit integer. This is currently ensured by QEMU through generally only allowing 128 byte IDs and 256 byte names. However, if this should change in the future, the length written to the image file should not be silently truncated (though the name itself would be written completely). Since this is currently not an issue but might require attention due to internal QEMU changes in the future, an assert ensuring sanity is enough for now. Signed-off-by: N Max Reitz <mreitz@redhat.com> Signed-off-by: N Kevin Wolf <kwolf@redhat.com>

qcow2: Assert against snapshot name/ID overflow
qcow2_write_snapshots relies on the length of every snapshot ID and name fitting into an unsigned 16 bit integer. This is currently ensured by QEMU through generally only allowing 128 byte IDs and 256 byte names. However, if this should change in the future, the length written to the image file should not be silently truncated (though the name itself would be written completely). Since this is currently not an issue but might require attention due to internal QEMU changes in the future, an assert ensuring sanity is enough for now. Signed-off-by: N Max Reitz <mreitz@redhat.com> Signed-off-by: N Kevin Wolf <kwolf@redhat.com>
88fb1535 · Max Reitz · Kevin Wolf · 9186ad96 · 88fb1535
隐藏空白更改
内联并排

Showing with 1 addition and 0 deletion

block/qcow2-snapshot.c block/qcow2-snapshot.c +1 -0

未找到文件。
--- a/block/qcow2-snapshot.c
+++ b/block/qcow2-snapshot.c
@@ -221,6 +221,7 @@ static int qcow2_write_snapshots(BlockDriverState *bs)

        id_str_size = strlen(sn->id_str);
        name_size = strlen(sn->name);
+        assert(id_str_size <= UINT16_MAX && name_size <= UINT16_MAX);
        h.id_str_size = cpu_to_be16(id_str_size);
        h.name_size = cpu_to_be16(name_size);
        offset = align_offset(offset, 8);