Am 07.08.2017 um 22:30 hat Eric Blake geschrieben:
> vpc_open() was checking for bdrv_getlength() failure in one, but
> not the other, location.
> 
> Reported-by: Markus Armbruster <arm...@redhat.com>
> Signed-off-by: Eric Blake <ebl...@redhat.com>
> ---
>  block/vpc.c | 9 ++++++++-
>  1 file changed, 8 insertions(+), 1 deletion(-)
> 
> diff --git a/block/vpc.c b/block/vpc.c
> index 574879ba7c..468d10ec1c 100644
> --- a/block/vpc.c
> +++ b/block/vpc.c
> @@ -219,6 +219,7 @@ static int vpc_open(BlockDriverState *bs, QDict *options, 
> int flags,
>      uint64_t pagetable_size;
>      int disk_type = VHD_DYNAMIC;
>      int ret;
> +    int64_t bs_size;
> 
>      bs->file = bdrv_open_child(NULL, options, "file", bs, &child_file,
>                                 false, errp);
> @@ -411,7 +412,13 @@ static int vpc_open(BlockDriverState *bs, QDict 
> *options, int flags,
>              }
>          }
> 
> -        if (s->free_data_block_offset > bdrv_getlength(bs->file->bs)) {
> +        bs_size = bdrv_getlength(bs->file->bs);
> +        if (bs_size < 0) {
> +            error_setg_errno(errp, -bs_size, "unable to learn image size");

I would start the error message with a capital letter for consistency
with other messages in this function. (It has obviously nothing to do
with my general preference for that style.)

> +            ret = bs_size;
> +            goto fail;
> +        }
> +        if (s->free_data_block_offset > bs_size) {
>              error_setg(errp, "block-vpc: free_data_block_offset points after 
> "
>                               "the end of file. The image has been 
> truncated.");
>              ret = -EINVAL;

Kevin

Reply via email to