From 0a5d705e471c975ca6ca4547cd3a0eb5fa5d3291 Mon Sep 17 00:00:00 2001

From: Max Reitz <mreitz@redhat.com>

Date: Mon, 27 Nov 2017 17:28:39 +0100

Subject: [PATCH 7/9] qcow2: Prevent backing file names longer than 1023

RH-Author: Max Reitz <mreitz@redhat.com>

Message-id: <20171127172839.22264-2-mreitz@redhat.com>

Patchwork-id: 77916

O-Subject: [RHEL-7.5 qemu-kvm PATCH 1/1] qcow2: Prevent backing file names longer than 1023

Bugzilla: 1459714

RH-Acked-by: John Snow <jsnow@redhat.com>

RH-Acked-by: Fam Zheng <famz@redhat.com>

RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>

We reject backing file names with a length of more than 1023 characters

when opening a qcow2 file, so we should not produce such files

ourselves.

Cc: qemu-stable@nongnu.org

Signed-off-by: Max Reitz <mreitz@redhat.com>

Signed-off-by: Kevin Wolf <kwolf@redhat.com>

(cherry picked from commit 4e876bcf2bdb3a7353df92d19bfec0afd1650bc4)

Signed-off-by: Max Reitz <mreitz@redhat.com>

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>

---

 block/qcow2.c | 4 ++++

 1 file changed, 4 insertions(+)

diff --git a/block/qcow2.c b/block/qcow2.c

index 61f7e57..dc831ba 100644

--- a/block/qcow2.c

+++ b/block/qcow2.c

@@ -1497,6 +1497,10 @@ static int qcow2_change_backing_file(BlockDriverState *bs,

 {

     BDRVQcowState *s = bs->opaque;

+    if (backing_file && strlen(backing_file) > 1023) {

+        return -EINVAL;

+    }

+

     pstrcpy(bs->backing_file, sizeof(bs->backing_file), backing_file ?: "");

     pstrcpy(bs->backing_format, sizeof(bs->backing_format), backing_fmt ?: "");

-- 

1.8.3.1