author | Max Reitz <mreitz@redhat.com> | 2016-06-20 16:26:23 +0200 |
---|---|---|
committer | Max Reitz <mreitz@redhat.com> | 2016-07-13 13:41:38 +0200 |
commit | c834cba90521576224c30b15ebb4d6aeab7b42c4 (patch) | |
tree | 1b43ac7b6bcbf994e04065fcb3287ae574760c7a /include/fpu | |
parent | a367467995d0528fe591d87ca2e437c7b7d7951b (diff) | |
qcow2: Fix qcow2_get_cluster_offset()

Recently, qcow2_get_cluster_offset() has been changed to work with bytes
instead of sectors. This invalidated some assertions and introduced a
possible integer multiplication overflow.

This could be reproduced using e.g.

    $ qemu-img create -f qcow2 -o cluster_size=1M blub.qcow2 8G
    Formatting 'foo.qcow2', fmt=qcow2 size=8589934592 encryption=off
    cluster_size=1048576 lazy_refcounts=off refcount_bits=16
    $ qemu-io -c map blub.qcow2
    qemu-io: qemu/block/qcow2-cluster.c:504: qcow2_get_cluster_offset:
    Assertion `bytes_needed <= INT_MAX' failed.
    [1] 20775 abort (core dumped) qemu-io -c map foo.qcow2

This patch removes the now wrong assertion, adding comments and more
assertions to prove its correctness (and fixing the overflow which would
become apparent with the original assertion removed).

Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20160620142623.24471-3-mreitz@redhat.com
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
Diffstat (limited to 'include/fpu')
0 files changed, 0 insertions, 0 deletions
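
The arithmetic behind the failed assertion, as an added example (not QEMU code and not the fix from this commit): with the reproducer's 1 MiB clusters and 8 GiB image, a length that fits in an `int` as a sector count no longer fits as a byte count, and a cluster-count times cluster-size product computed in `int` overflows. The helper names are hypothetical, the 512-byte sector size is an assumption, and `__builtin_mul_overflow` is the GCC/Clang builtin.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed inputs, taken from the reproducer's command line. */
#define SECTOR_SIZE   512                           /* assumed sector size */
#define CLUSTER_SIZE  (1024 * 1024)                 /* cluster_size=1M */
#define IMAGE_SIZE    (8ULL * 1024 * 1024 * 1024)   /* 8G */

/* Hypothetical helper: clusters needed to cover `bytes`, rounded up. */
static uint64_t size_to_clusters(uint64_t bytes, uint32_t cluster_size)
{
    return (bytes + cluster_size - 1) / cluster_size;
}

/* True when an int-typed length is fine in sectors but not in bytes. */
static bool fits_as_sectors_only(uint64_t bytes)
{
    return bytes / SECTOR_SIZE <= (uint64_t)INT_MAX && bytes > (uint64_t)INT_MAX;
}

/* True when nb_clusters * cluster_size cannot be represented in an int.
 * The builtin detects this without executing the undefined signed overflow. */
static bool int_mul_overflows(int nb_clusters, int cluster_size)
{
    int unused;
    return __builtin_mul_overflow(nb_clusters, cluster_size, &unused);
}

/* Widened form: multiply in 64 bits, saturating if even that overflows. */
static uint64_t clusters_to_bytes(uint64_t nb_clusters, uint32_t cluster_size)
{
    uint64_t bytes;
    if (__builtin_mul_overflow(nb_clusters, (uint64_t)cluster_size, &bytes)) {
        return UINT64_MAX;
    }
    return bytes;
}

int main(void)
{
    uint64_t n = size_to_clusters(IMAGE_SIZE, CLUSTER_SIZE);
    printf("clusters=%llu sectors-only=%d int-overflow=%d bytes=%llu\n",
           (unsigned long long)n, fits_as_sectors_only(IMAGE_SIZE),
           int_mul_overflows((int)n, CLUSTER_SIZE),
           (unsigned long long)clusters_to_bytes(n, CLUSTER_SIZE));
    return 0;
}
```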