aboutsummaryrefslogtreecommitdiff
path: root/block/vhdx.c
diff options
context:
space:
mode:
authorJeff Cody <jcody@redhat.com>2017-08-07 08:38:19 -0400
committerKevin Wolf <kwolf@redhat.com>2017-08-08 14:37:00 +0200
commit3f910692c287e1c611c00e763ebeb95ed0e017f8 (patch)
tree092b43cbc81611cb505a35dc64b9acfdf901de83 /block/vhdx.c
parent795be0621a643f3d103d112dfcbddee2992f5035 (diff)
downloadqemu-3f910692c287e1c611c00e763ebeb95ed0e017f8.zip
qemu-3f910692c287e1c611c00e763ebeb95ed0e017f8.tar.gz
qemu-3f910692c287e1c611c00e763ebeb95ed0e017f8.tar.bz2
block/vhdx: check error return of bdrv_getlength()
Calls to bdrv_getlength() were not checking for error. In vhdx.c, this can lead to truncating an image file, so it is a definite bug. In vhdx-log.c, the path for improper behavior is less clear, but it is best to check in any case. Some minor code movement of the log_guid intialization, as well. Reported-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Jeff Cody <jcody@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Diffstat (limited to 'block/vhdx.c')
-rw-r--r--block/vhdx.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/block/vhdx.c b/block/vhdx.c
index a9cecd2..37224b8 100644
--- a/block/vhdx.c
+++ b/block/vhdx.c
@@ -1166,7 +1166,14 @@ exit:
static int vhdx_allocate_block(BlockDriverState *bs, BDRVVHDXState *s,
uint64_t *new_offset)
{
- *new_offset = bdrv_getlength(bs->file->bs);
+ int64_t current_len;
+
+ current_len = bdrv_getlength(bs->file->bs);
+ if (current_len < 0) {
+ return current_len;
+ }
+
+ *new_offset = current_len;
/* per the spec, the address for a block is in units of 1MB */
*new_offset = ROUND_UP(*new_offset, 1024 * 1024);