qcow2: Check new refcount table size on growth

If the size becomes larger than what qcow2_open() would accept, fail the growing operation. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
author: Kevin Wolf <kwolf@redhat.com> 2014-03-26 13:05:50 +0100
committer: Stefan Hajnoczi <stefanha@redhat.com> 2014-04-01 15:22:34 +0200
commit: 2b5d5953eec0cc541857c3df812bdf8421596ab2 (patch)
tree: 46005cfd30454c30b3e4853a8146e1ac260bee3c /block/qcow2-refcount.c
parent: db8a31d11d6a60f48d6817530640d75aa72a9a2f (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
index 561d65925c..1c78ff8c97 100644
--- a/block/qcow2-refcount.c
+++ b/block/qcow2-refcount.c
@@ -311,6 +311,10 @@ static int alloc_refcount_block(BlockDriverState *bs,
     uint64_t refcount_block_clusters = 1 << (s->cluster_bits - REFCOUNT_SHIFT);
     uint64_t blocks_used = DIV_ROUND_UP(cluster_index, refcount_block_clusters);
 
+    if (blocks_used > QCOW_MAX_REFTABLE_SIZE / sizeof(uint64_t)) {
+        return -EFBIG;
+    }
+
     /* And now we need at least one block more for the new metadata */
     uint64_t table_size = next_refcount_table_size(s, blocks_used + 1);
     uint64_t last_table_size;
author	Kevin Wolf <kwolf@redhat.com>	2014-03-26 13:05:50 +0100
committer	Stefan Hajnoczi <stefanha@redhat.com>	2014-04-01 15:22:34 +0200
commit	2b5d5953eec0cc541857c3df812bdf8421596ab2 (patch)
tree	46005cfd30454c30b3e4853a8146e1ac260bee3c /block/qcow2-refcount.c
parent	db8a31d11d6a60f48d6817530640d75aa72a9a2f (diff)