diff options
-rw-r--r-- | block/qcow.c | 10 | ||||
-rwxr-xr-x | tests/qemu-iotests/092 | 63 | ||||
-rw-r--r-- | tests/qemu-iotests/092.out | 13 | ||||
-rw-r--r-- | tests/qemu-iotests/group | 1 |
4 files changed, 85 insertions, 2 deletions
diff --git a/block/qcow.c b/block/qcow.c index 3684794dee..e60df234c4 100644 --- a/block/qcow.c +++ b/block/qcow.c @@ -128,11 +128,17 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags, goto fail; } - if (header.size <= 1 || header.cluster_bits < 9) { - error_setg(errp, "invalid value in qcow header"); + if (header.size <= 1) { + error_setg(errp, "Image size is too small (must be at least 2 bytes)"); ret = -EINVAL; goto fail; } + if (header.cluster_bits < 9 || header.cluster_bits > 16) { + error_setg(errp, "Cluster size must be between 512 and 64k"); + ret = -EINVAL; + goto fail; + } + if (header.crypt_method > QCOW_CRYPT_AES) { error_setg(errp, "invalid encryption method in qcow header"); ret = -EINVAL; diff --git a/tests/qemu-iotests/092 b/tests/qemu-iotests/092 new file mode 100755 index 0000000000..d060e6fa87 --- /dev/null +++ b/tests/qemu-iotests/092 @@ -0,0 +1,63 @@ +#!/bin/bash +# +# qcow1 format input validation tests +# +# Copyright (C) 2014 Red Hat, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +# creator +owner=kwolf@redhat.com + +seq=`basename $0` +echo "QA output created by $seq" + +here=`pwd` +tmp=/tmp/$$ +status=1 # failure is the default! + +_cleanup() +{ + rm -f $TEST_IMG.snap + _cleanup_test_img +} +trap "_cleanup; exit \$status" 0 1 2 3 15 + +# get standard environment, filters and checks +. ./common.rc +. ./common.filter + +_supported_fmt qcow +_supported_proto generic +_supported_os Linux + +offset_cluster_bits=32 + +echo +echo "== Invalid cluster size ==" +_make_test_img 64M +poke_file "$TEST_IMG" "$offset_cluster_bits" "\xff" +{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir +poke_file "$TEST_IMG" "$offset_cluster_bits" "\x1f" +{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir +poke_file "$TEST_IMG" "$offset_cluster_bits" "\x08" +{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir +poke_file "$TEST_IMG" "$offset_cluster_bits" "\x11" +{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir + +# success, all done +echo "*** done" +rm -f $seq.full +status=0 diff --git a/tests/qemu-iotests/092.out b/tests/qemu-iotests/092.out new file mode 100644 index 0000000000..8bf81580cd --- /dev/null +++ b/tests/qemu-iotests/092.out @@ -0,0 +1,13 @@ +QA output created by 092 + +== Invalid cluster size == +Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 +qemu-io: can't open device TEST_DIR/t.qcow: Cluster size must be between 512 and 64k +no file open, try 'help open' +qemu-io: can't open device TEST_DIR/t.qcow: Cluster size must be between 512 and 64k +no file open, try 'help open' +qemu-io: can't open device TEST_DIR/t.qcow: Cluster size must be between 512 and 64k +no file open, try 'help open' +qemu-io: can't open device TEST_DIR/t.qcow: Cluster size must be between 512 and 64k +no file open, try 'help open' +*** done diff --git a/tests/qemu-iotests/group b/tests/qemu-iotests/group index 2988cfde99..0f074403ae 100644 --- a/tests/qemu-iotests/group +++ b/tests/qemu-iotests/group @@ -98,3 +98,4 @@ 089 rw auto quick 090 rw auto quick 091 rw auto +092 rw auto quick |