aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMax Reitz <mreitz@redhat.com>2019-08-15 17:36:35 +0200
committerMax Reitz <mreitz@redhat.com>2019-09-03 14:55:35 +0200
commitbedb8bb41953fd7ee15236cc6005d97063d38efa (patch)
treeee2de8b424fe76f713e9e8d8b7682ddef332b2b7
parent12b7cbcabcacb9393b1aeebd2c23d49a25451ad5 (diff)
downloadqemu-bedb8bb41953fd7ee15236cc6005d97063d38efa.zip
qemu-bedb8bb41953fd7ee15236cc6005d97063d38efa.tar.gz
qemu-bedb8bb41953fd7ee15236cc6005d97063d38efa.tar.bz2
vmdk: Reject invalid compressed writes
Compressed writes generally have to write full clusters, not just in theory but also in practice when it comes to vmdk's streamOptimized subformat. It currently is just silently broken for writes with non-zero in-cluster offsets: $ qemu-img create -f vmdk -o subformat=streamOptimized foo.vmdk 1M $ qemu-io -c 'write 4k 4k' -c 'read 4k 4k' foo.vmdk wrote 4096/4096 bytes at offset 4096 4 KiB, 1 ops; 00.01 sec (443.724 KiB/sec and 110.9309 ops/sec) read failed: Invalid argument (The technical reason is that vmdk_write_extent() just writes the incomplete compressed data actually to offset 4k. When reading the data, vmdk_read_extent() looks at offset 0 and finds the compressed data size to be 0, because that is what it reads from there. This yields an error.) For incomplete writes with zero in-cluster offsets, the error path when reading the rest of the cluster is a bit different, but the result is the same: $ qemu-img create -f vmdk -o subformat=streamOptimized foo.vmdk 1M $ qemu-io -c 'write 0k 4k' -c 'read 4k 4k' foo.vmdk wrote 4096/4096 bytes at offset 0 4 KiB, 1 ops; 00.01 sec (362.641 KiB/sec and 90.6603 ops/sec) read failed: Invalid argument (Here, vmdk_read_extent() finds the data and then sees that the uncompressed data is short.) It is better to reject invalid writes than to make the user believe they might have succeeded and then fail when trying to read it back. Signed-off-by: Max Reitz <mreitz@redhat.com> Reviewed-by: John Snow <jsnow@redhat.com> Message-id: 20190815153638.4600-5-mreitz@redhat.com Reviewed-by: John Snow <jsnow@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
-rw-r--r--block/vmdk.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/block/vmdk.c b/block/vmdk.c
index a7f82e6..fed3b50 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -1734,6 +1734,16 @@ static int vmdk_write_extent(VmdkExtent *extent, int64_t cluster_offset,
if (extent->compressed) {
void *compressed_data;
+ /* Only whole clusters */
+ if (offset_in_cluster ||
+ n_bytes > (extent->cluster_sectors * SECTOR_SIZE) ||
+ (n_bytes < (extent->cluster_sectors * SECTOR_SIZE) &&
+ offset + n_bytes != extent->end_sector * SECTOR_SIZE))
+ {
+ ret = -EINVAL;
+ goto out;
+ }
+
if (!extent->has_marker) {
ret = -EINVAL;
goto out;