aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPaolo Bonzini <pbonzini@redhat.com>2012-04-12 14:01:03 +0200
committerKevin Wolf <kwolf@redhat.com>2012-05-10 10:32:11 +0200
commit63090dac3a7c5fe02b4285cf2e5fb7017d2c7b0e (patch)
treeb81ebbe1d44f8e7f19d843faa765ab38f13c1b19
parent469ef350e1a8b5715e620dbf6f6115628e5b566e (diff)
downloadqemu-63090dac3a7c5fe02b4285cf2e5fb7017d2c7b0e.zip
qemu-63090dac3a7c5fe02b4285cf2e5fb7017d2c7b0e.tar.gz
qemu-63090dac3a7c5fe02b4285cf2e5fb7017d2c7b0e.tar.bz2
block: open backing file as read-only when probing for size
bdrv_img_create will temporarily open the backing file to probe its size. However, this could be done with a read-write open if the wrong flags are passed to bdrv_img_create. Since there is really no documentation on what flags can be passed, assume that bdrv_img_create receives the flags with which the new image will be opened; sanitize them when opening the backing file. Reported-by: Eric Blake <eblake@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
-rw-r--r--block.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/block.c b/block.c
index dbd60e3..754a422 100644
--- a/block.c
+++ b/block.c
@@ -4103,10 +4103,15 @@ int bdrv_img_create(const char *filename, const char *fmt,
if (backing_file && backing_file->value.s) {
uint64_t size;
char buf[32];
+ int back_flags;
+
+ /* backing files always opened read-only */
+ back_flags =
+ flags & ~(BDRV_O_RDWR | BDRV_O_SNAPSHOT | BDRV_O_NO_BACKING);
bs = bdrv_new("");
- ret = bdrv_open(bs, backing_file->value.s, flags, backing_drv);
+ ret = bdrv_open(bs, backing_file->value.s, back_flags, backing_drv);
if (ret < 0) {
error_report("Could not open '%s'", backing_file->value.s);
goto out;