qemu/block
Alberto Garcia 951053a9ec qcow2: Don't open images with header.refcount_table_clusters == 0
qcow2_do_open() is checking that header.refcount_table_clusters is not
too large, but it doesn't check that it's greater than zero. Apart
from the fact that an image like that is obviously corrupted, trying
to use it crashes QEMU since we end up with a null s->refcount_table
after qcow2_refcount_init().

These images can however be repaired, so allow opening them if the
BDRV_O_CHECK flag is set.

Signed-off-by: Alberto Garcia <berto@igalia.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Message-id: f9750f50c80359babba11062e88f5075a47e8e16.1509718618.git.berto@igalia.com
Signed-off-by: Max Reitz <mreitz@redhat.com>
2017-11-14 18:06:25 +01:00
..
accounting.c block: make accounting thread-safe 2017-06-16 07:55:00 +08:00
backup.c dirty-bitmap: Change bdrv_dirty_iter_next() to report byte offset 2017-10-06 16:28:58 +02:00
blkdebug.c block: Align block status requests 2017-10-26 14:45:57 +02:00
blkreplay.c block: change variable names in BlockDriverState 2017-06-26 14:54:46 +02:00
blkverify.c blkverify: Catch bs->exact_filename overflow 2017-06-26 14:54:46 +02:00
block-backend.c block: Leave valid throttle timers when removing a BDS from a backend 2017-11-13 15:43:49 +00:00
bochs.c block: do not set BDS read_only if copy_on_read enabled 2017-04-24 15:09:33 -04:00
cloop.c block: do not set BDS read_only if copy_on_read enabled 2017-04-24 15:09:33 -04:00
commit.c commit: Remove overlay_bs 2017-10-06 16:28:58 +02:00
crypto.c block: support passthrough of BDRV_REQ_FUA in crypto driver 2017-10-06 16:30:47 +02:00
crypto.h qcow: convert QCow to use QCryptoBlock for encryption 2017-07-11 17:44:56 +02:00
curl.c curl: do not do aio_poll when waiting for a free CURLState 2017-05-16 10:34:50 -04:00
dirty-bitmap.c dirty-bitmap: Convert internal hbitmap size/granularity 2017-10-06 16:28:58 +02:00
dmg-bz2.c
dmg.c dmg: use DIV_ROUND_UP 2017-08-31 12:29:07 +02:00
dmg.h
file-posix.c file-posix: Clear out first sector in hdev_create 2017-09-26 14:46:23 +02:00
file-win32.c qapi: Change data type of the FOO_lookup generated for enum FOO 2017-09-04 13:09:13 +02:00
gluster.c qapi: Change data type of the FOO_lookup generated for enum FOO 2017-09-04 13:09:13 +02:00
io.c block: Reduce bdrv_aligned_preadv() rounding 2017-10-26 14:45:57 +02:00
iscsi-opts.c
iscsi.c scsi: move block/scsi.h to include/scsi/constants.h 2017-09-19 14:09:31 +02:00
linux-aio.c block: explicitly acquire aiocontext in aio callbacks that need it 2017-02-21 11:39:39 +00:00
Makefile.objs block: add throttle block filter driver 2017-09-06 10:12:02 +02:00
mirror.c block: Convert bdrv_get_block_status_above() to bytes 2017-10-26 14:45:57 +02:00
nbd-client.c nbd-client: Stricter enforcing of structured reply spec 2017-11-09 10:22:26 -06:00
nbd-client.h nbd: Minimal structured read for client 2017-10-30 21:48:41 +01:00
nbd.c nbd: Implement NBD_INFO_BLOCK_SIZE on client 2017-07-14 12:04:42 +02:00
nfs.c qapi: Mechanically convert FOO_lookup[...] to FOO_str(...) 2017-09-04 13:09:13 +02:00
null.c block/null: Remove 'filename' option 2017-08-08 15:19:16 +02:00
parallels.c qapi: drop the sentinel in enum array 2017-09-04 13:09:13 +02:00
qapi.c block: move ThrottleGroup membership to ThrottleGroupMember 2017-09-05 16:47:51 +02:00
qcow2-bitmap.c qcow2: Switch store_bitmap_data() to byte-based iteration 2017-10-06 16:28:58 +02:00
qcow2-cache.c qcow2: add qcow2_cache_discard 2017-09-26 15:00:32 +02:00
qcow2-cluster.c qcow2: Prevent allocating L2 tables at offset 0 2017-11-14 18:06:25 +01:00
qcow2-refcount.c qcow2: Prevent allocating compressed clusters at offset 0 2017-11-14 18:06:25 +01:00
qcow2-snapshot.c qcow2: Discard/zero clusters by byte count 2017-05-11 14:28:07 +02:00
qcow2.c qcow2: Don't open images with header.refcount_table_clusters == 0 2017-11-14 18:06:25 +01:00
qcow2.h qcow2: truncate the tail of the image file after shrinking the image 2017-10-06 16:30:48 +02:00
qcow.c block: convert qcrypto_block_encrypt|decrypt to take bytes offset 2017-10-06 16:30:47 +02:00
qed-check.c
qed-cluster.c qed: protect table cache with CoMutex 2017-07-17 11:34:11 +08:00
qed-l2-cache.c qed: protect table cache with CoMutex 2017-07-17 11:34:11 +08:00
qed-table.c qed: protect table cache with CoMutex 2017-07-17 11:34:11 +08:00
qed.c block: rename bdrv_co_drain to bdrv_co_drain_begin 2017-10-13 12:38:41 +01:00
qed.h qed: protect table cache with CoMutex 2017-07-17 11:34:11 +08:00
quorum.c qapi: Change data type of the FOO_lookup generated for enum FOO 2017-09-04 13:09:13 +02:00
raw-format.c block: remove unused bdrv_media_changed 2017-09-04 18:31:13 +02:00
rbd.c qapi: Mechanically convert FOO_lookup[...] to FOO_str(...) 2017-09-04 13:09:13 +02:00
replication.c block: Add reopen_queue to bdrv_child_perm() 2017-09-26 14:46:23 +02:00
sheepdog.c Merge QEMU I/O 2017/09/05 v2 2017-09-05 14:14:33 +01:00
snapshot.c qobject: Use simpler QDict/QList scalar insertion macros 2017-05-09 09:13:51 +02:00
ssh.c util: remove the obsolete non-blocking connect 2017-09-05 13:21:58 +01:00
stream.c block: Make bdrv_is_allocated_above() byte-based 2017-07-10 13:18:07 +02:00
throttle-groups.c throttle-groups: drain before detaching ThrottleState 2017-11-13 14:02:09 +00:00
throttle.c block/throttle.c: add bdrv_co_drain_begin/end callbacks 2017-10-13 12:38:41 +01:00
trace-events block: Make bdrv_round_to_clusters() signature more useful 2017-10-26 14:45:57 +02:00
vdi.c vdi: make it thread-safe 2017-07-17 11:28:15 +08:00
vhdx-endian.c
vhdx-log.c vhdx: use QEMU_ALIGN_DOWN 2017-08-31 12:29:07 +02:00
vhdx.c block/vhdx: check for offset overflow to bdrv_truncate() 2017-08-08 14:37:00 +02:00
vhdx.h
vmdk.c vmdk: Fix error handling/reporting of vmdk_check 2017-08-08 15:19:16 +02:00
vpc.c vpc: use DIV_ROUND_UP 2017-08-31 12:29:07 +02:00
vvfat.c block: Add reopen_queue to bdrv_child_perm() 2017-09-26 14:46:23 +02:00
vxhs.c qobject: Use simpler QDict/QList scalar insertion macros 2017-05-09 09:13:51 +02:00
win32-aio.c block: explicitly acquire aiocontext in aio callbacks that need it 2017-02-21 11:39:39 +00:00
write-threshold.c