qcow2: Assert against snapshot name/ID overflow

qcow2_write_snapshots relies on the length of every snapshot ID and name fitting into an unsigned 16 bit integer. This is currently ensured by QEMU through generally only allowing 128 byte IDs and 256 byte names. However, if this should change in the future, the length written to the image file should not be silently truncated (though the name itself would be written completely). Since this is currently not an issue but might require attention due to internal QEMU changes in the future, an assert ensuring sanity is enough for now. Signed-off-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
author: Max Reitz <mreitz@redhat.com> 2013-10-09 10:51:06 +0200
committer: Kevin Wolf <kwolf@redhat.com> 2013-10-11 16:49:59 +0200
commit: 88fb15351284868b70fa1d5b101e809057fcc5aa (patch)
tree: b8d5c8d1e918ecb3ff76a5ad6490f0f812705c64 /block/qcow2-snapshot.c
parent: 9186ad9658cc597937fbc03ad66bceb3a0515d99 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/block/qcow2-snapshot.c b/block/qcow2-snapshot.c
index f6f3e6423d..812dab2aa5 100644
--- a/block/qcow2-snapshot.c
+++ b/block/qcow2-snapshot.c
@@ -221,6 +221,7 @@ static int qcow2_write_snapshots(BlockDriverState *bs)
 
         id_str_size = strlen(sn->id_str);
         name_size = strlen(sn->name);
+        assert(id_str_size <= UINT16_MAX && name_size <= UINT16_MAX);
         h.id_str_size = cpu_to_be16(id_str_size);
         h.name_size = cpu_to_be16(name_size);
         offset = align_offset(offset, 8);
author	Max Reitz <mreitz@redhat.com>	2013-10-09 10:51:06 +0200
committer	Kevin Wolf <kwolf@redhat.com>	2013-10-11 16:49:59 +0200
commit	88fb15351284868b70fa1d5b101e809057fcc5aa (patch)
tree	b8d5c8d1e918ecb3ff76a5ad6490f0f812705c64 /block/qcow2-snapshot.c
parent	9186ad9658cc597937fbc03ad66bceb3a0515d99 (diff)