On 11 July 2017 at 17:07, Max Reitz <[email protected]> wrote:
> From: Vladimir Sementsov-Ogievskiy <[email protected]>
>
> Realize .bdrv_remove_persistent_dirty_bitmap interface.
>
> Signed-off-by: Vladimir Sementsov-Ogievskiy <[email protected]>
> Reviewed-by: Max Reitz <[email protected]>
> Reviewed-by: John Snow <[email protected]>
> Message-id: [email protected]
> Signed-off-by: Max Reitz <[email protected]>
> +void qcow2_remove_persistent_dirty_bitmap(BlockDriverState *bs,
> + const char *name,
> + Error **errp)
> +{
> + int ret;
> + BDRVQcow2State *s = bs->opaque;
> + Qcow2Bitmap *bm;
> + Qcow2BitmapList *bm_list;
> +
> + if (s->nb_bitmaps == 0) {
> + /* Absence of the bitmap is not an error: see explanation above
> + * bdrv_remove_persistent_dirty_bitmap() definition. */
> + return;
> + }
> +
> + bm_list = bitmap_list_load(bs, s->bitmap_directory_offset,
> + s->bitmap_directory_size, errp);
> + if (bm_list == NULL) {
> + return;
> + }
> +
> + bm = find_bitmap_by_name(bm_list, name);
> + if (bm == NULL) {
> + goto fail;
> + }
> +
> + QSIMPLEQ_REMOVE(bm_list, bm, Qcow2Bitmap, entry);
> +
> + ret = update_ext_header_and_dir(bs, bm_list);
> + if (ret < 0) {
> + error_setg_errno(errp, -ret, "Failed to update bitmap extension");
> + goto fail;
> + }
> +
> + free_bitmap_clusters(bs, &bm->table);
> +
> +fail:
> + bitmap_free(bm);
> + bitmap_list_free(bm_list);
> +}
Coverity points out that this can crash in the error-exit paths,
because bitmap_free() doesn't handle being passed a NULL pointer.
(CID 1377700).
Probably the best fix for this is to make bitmap_free() do
nothing when handed NULL.
thanks
-- PMM
