luks: Turn invalid assertion into check

The .bdrv_getlength implementation of the crypto block driver asserted that the payload offset isn't after EOF. This is an invalid assertion to make as the image file could be corrupted. Instead, check it and return -EIO if the file is too small for the payload offset. Zero length images are fine, so trigger -EIO only on offset > len, not on offset >= len as the assertion did before. Signed-off-by: N Kevin Wolf <kwolf@redhat.com> Reviewed-by: N Daniel P. Berrangé <berrange@redhat.com>

luks: Turn invalid assertion into check
The .bdrv_getlength implementation of the crypto block driver asserted that the payload offset isn't after EOF. This is an invalid assertion to make as the image file could be corrupted. Instead, check it and return -EIO if the file is too small for the payload offset. Zero length images are fine, so trigger -EIO only on offset > len, not on offset >= len as the assertion did before. Signed-off-by: N Kevin Wolf <kwolf@redhat.com> Reviewed-by: N Daniel P. Berrangé <berrange@redhat.com>
e39e959e · Kevin Wolf · 1bedcaf1 · e39e959e
隐藏空白更改
内联并排

Showing with 4 addition and 1 deletion

block/crypto.c block/crypto.c +4 -1

未找到文件。
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -518,7 +518,10 @@ static int64_t block_crypto_getlength(BlockDriverState *bs)

    uint64_t offset = qcrypto_block_get_payload_offset(crypto->block);
    assert(offset < INT64_MAX);
-    assert(offset < len);
+
+    if (offset > len) {
+        return -EIO;
+    }

    len -= offset;