ping, I suppose this one can go in now.
On Wed 14 Nov 2018 03:58:57 PM CET, Alberto Garcia wrote: > Refcount table entries have a field to store the offset of the > refcount block. The rest of the bits of the entry are currently > reserved. > > The offset is always taken from the entry using REFT_OFFSET_MASK to > ensure that we only use the bits that belong to that field. > > While that mask is used every time we read from the refcount table, it > is never used when we write to it. Due to the other constraints of the > qcow2 format QEMU can never produce refcount block offsets that don't > fit in that field so any such offset when allocating a refcount block > would indicate a bug in QEMU. > > Signed-off-by: Alberto Garcia <be...@igalia.com> > Reviewed-by: Eric Blake <ebl...@redhat.com> > --- > v2: Add missing Signed-off-by: line > --- > block/qcow2-refcount.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c > index 46082aeac1..31a2e1f845 100644 > --- a/block/qcow2-refcount.c > +++ b/block/qcow2-refcount.c > @@ -367,6 +367,9 @@ static int alloc_refcount_block(BlockDriverState *bs, > return new_block; > } > > + /* The offset must fit in the offset field of the refcount table entry */ > + assert((new_block & REFT_OFFSET_MASK) == new_block); > + > /* If we're allocating the block at offset 0 then something is wrong */ > if (new_block == 0) { > qcow2_signal_corruption(bs, true, -1, -1, "Preventing invalid " > -- > 2.11.0
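Review bot: the new assert sits directly above a check of a very different kind, and its comment should say why the two differ. The line just below it, `if (new_block == 0)`, treats a bad offset as image corruption and reports it through qcow2_signal_corruption(), while the added `assert((new_block & REFT_OFFSET_MASK) == new_block);` aborts QEMU outright. The commit message justifies that: the allocator can never hand back an offset that does not fit in the field, so a failure here is a bug in QEMU, not bad on-disk data. The one-line comment, however, only says the offset "must fit"; extending it along the lines of "this is an invariant of our own allocator, not a property of the image, so a violation is a QEMU bug" would stop the next reader from asking why this case is not also routed through qcow2_signal_corruption(). Placement looks right: the assertion comes after the preceding early `return new_block;`, so it is only reached for an offset that was actually allocated.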