On Tue, Mar 20, 2018 at 06:36:31PM +0100, Kevin Wolf wrote:
> It's unclear what the real maximum is, but we use an uint32_t to store
> the log size in vhdx_co_create(), so we should check that the given
> value fits in 32 bits.
>
It's a uint32 in the on-disk header per spec, so I agree the implied max is
UINT32_MAX
Reviewed-by: Jeff Cody <jc...@redhat.com>
> Signed-off-by: Kevin Wolf <kw...@redhat.com>
> ---
> block/vhdx.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/block/vhdx.c b/block/vhdx.c
> index 0e48179b81..a1a0302799 100644
> --- a/block/vhdx.c
> +++ b/block/vhdx.c
> @@ -1829,6 +1829,10 @@ static int coroutine_fn
> vhdx_co_create(BlockdevCreateOptions *opts,
> if (!vhdx_opts->has_log_size) {
> log_size = DEFAULT_LOG_SIZE;
> } else {
> + if (vhdx_opts->log_size > UINT32_MAX) {
> + error_setg(errp, "Log size must be smaller than 4 GB");
> + return -EINVAL;
> + }
> log_size = vhdx_opts->log_size;
> }
> if (log_size < MiB || (log_size % MiB) != 0) {
> --
> 2.13.6
>
