authorDavid Edmondson2021-03-25 12:29:37 +0100
committerStefan Hajnoczi2021-03-31 11:44:21 +0200
commit07ee2ab4fd0147edb64ba88e55407dd9d6656175 (patch)
tree525e18ee0408230431f1d1848f2bfbfad6c55f43 /block
parentblock/vdi: When writing new bmap entry fails, don't leak the buffer (diff)
block/vdi: Don't assume that blocks are larger than VdiHeader
Given that the block size is read from the header of the VDI file, a wide variety of sizes might be seen. Rather than re-using a block sized memory region when writing the VDI header, allocate an appropriately sized buffer. Signed-off-by: David Edmondson <david.edmondson@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Acked-by: Max Reitz <mreitz@redhat.com> Message-id: 20210325112941.365238-3-pbonzini@redhat.com Message-Id: <20210309144015.557477-3-david.edmondson@oracle.com> Acked-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Diffstat (limited to 'block')
-rw-r--r--block/vdi.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/block/vdi.c b/block/vdi.c
index 2a6dc26124..548f8a057b 100644
--- a/block/vdi.c
+++ b/block/vdi.c
@@ -696,18 +696,20 @@ nonallocating_write:
if (block) {
/* One or more new blocks were allocated. */
- VdiHeader *header = (VdiHeader *) block;
+ VdiHeader *header;
uint8_t *base;
uint64_t offset;
uint32_t n_sectors;
+ g_free(block);
+ header = g_malloc(sizeof(*header));
+
logout("now writing modified header\n");
assert(VDI_IS_ALLOCATED(bmap_first));
*header = s->header;
vdi_header_to_le(header);
- ret = bdrv_pwrite(bs->file, 0, block, sizeof(VdiHeader));
- g_free(block);
- block = NULL;
+ ret = bdrv_pwrite(bs->file, 0, header, sizeof(*header));
+ g_free(header);
if (ret < 0) {
return ret;