On Fri, Mar 09, 2018 at 06:27:11PM +0100, Kevin Wolf wrote: > The .bdrv_getlength implementation of the crypto block driver asserted > that the payload offset isn't after EOF. This is an invalid assertion to > make as the image file could be corrupted. Instead, check it and return > -EIO if the file is too small for the payload offset. > > Zero length images are fine, so trigger -EIO only on offset > len, not > on offset >= len as the assertion did before. > > Signed-off-by: Kevin Wolf <kw...@redhat.com> > --- > block/crypto.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/block/crypto.c b/block/crypto.c > index 2035f9ab13..4908d8627f 100644 > --- a/block/crypto.c > +++ b/block/crypto.c > @@ -518,7 +518,10 @@ static int64_t block_crypto_getlength(BlockDriverState > *bs) > > uint64_t offset = qcrypto_block_get_payload_offset(crypto->block); > assert(offset < INT64_MAX); > - assert(offset < len); > + > + if (offset > len) { > + return -EIO; > + } > > len -= offset;
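Review bot: the `assert(offset < INT64_MAX);` kept directly above the new check is the same kind of assertion the commit message argues against, so if the payload offset can also be influenced by a corrupted image header it should fail the same way, for example by folding it into the new condition as `if (offset > INT64_MAX || offset > len) { return -EIO; }`. A second point on the added `if (offset > len)`: `offset` is a `uint64_t` and the function returns `int64_t`, so if `len` is signed the comparison is done in unsigned arithmetic and a negative `len` (an error value) would compare as a very large number, skip the `-EIO` branch and reach `len -= offset`. The declaration of `len` and any earlier `len < 0` check are outside the visible context, so it is worth confirming that one exists before this point or making the conversion explicit.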
Reviewed-by: Daniel P. Berrangé <berra...@redhat.com>

Regards,
Daniel
-- 
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|