On Thu 02 Nov 2017 06:24:40 PM CET, Max Reitz wrote:
> There are two more cases which might need a check that the return
> value of an allocation function isn't 0:
>
> The first is qcow2_alloc_bytes() which has an assert(offset) after
> potentially setting offset = new_cluster (with new_cluster being the
> return value of alloc_clusters_noref()).

Ok. I don't know how to reproduce it, though, but a check won't hurt.

> The second is qcow2_crypto_hdr_init_func() which is simply missing a
> pre-write overlap check.

But that is called when you create a new image, i.e., this is not QEMU handling a corrupted image incorrectly, but QEMU itself trying to create a corrupted image. I'd rather use assert(qcow2_pre_write_overlap_check(...) == 0);

Berto