| #!/bin/bash |
| # |
| # qcow2 format input validation tests |
| # |
| # Copyright (C) 2013 Red Hat, Inc. |
| # |
| # This program is free software; you can redistribute it and/or modify |
| # it under the terms of the GNU General Public License as published by |
| # the Free Software Foundation; either version 2 of the License, or |
| # (at your option) any later version. |
| # |
| # This program is distributed in the hope that it will be useful, |
| # but WITHOUT ANY WARRANTY; without even the implied warranty of |
| # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| # GNU General Public License for more details. |
| # |
| # You should have received a copy of the GNU General Public License |
| # along with this program. If not, see <http://www.gnu.org/licenses/>. |
| # |
| |
| # creator |
| owner=kwolf@redhat.com |
| |
| seq=`basename $0` |
| echo "QA output created by $seq" |
| |
| here=`pwd` |
| tmp=/tmp/$$ |
| status=1 # failure is the default! |
| |
| _cleanup() |
| { |
| rm -f $TEST_IMG.snap |
| _cleanup_test_img |
| } |
| trap "_cleanup; exit \$status" 0 1 2 3 15 |
| |
| # get standard environment, filters and checks |
| . ./common.rc |
| . ./common.filter |
| |
| _supported_fmt qcow2 |
| _supported_proto file |
| _supported_os Linux |
| |
| header_size=104 |
| |
| offset_backing_file_offset=8 |
| offset_backing_file_size=16 |
| offset_l1_size=36 |
| offset_l1_table_offset=40 |
| offset_refcount_table_offset=48 |
| offset_refcount_table_clusters=56 |
| offset_nb_snapshots=60 |
| offset_snapshots_offset=64 |
| offset_header_size=100 |
| offset_ext_magic=$header_size |
| offset_ext_size=$((header_size + 4)) |
| |
| offset_l2_table_0=$((0x40000)) |
| |
| offset_snap1=$((0x70000)) |
| offset_snap1_l1_offset=$((offset_snap1 + 0)) |
| offset_snap1_l1_size=$((offset_snap1 + 8)) |
| |
| echo |
| echo "== Huge header size ==" |
| _make_test_img 64M |
| poke_file "$TEST_IMG" "$offset_header_size" "\xff\xff\xff\xff" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| poke_file "$TEST_IMG" "$offset_header_size" "\x7f\xff\xff\xff" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| |
| echo |
| echo "== Huge unknown header extension ==" |
| _make_test_img 64M |
| poke_file "$TEST_IMG" "$offset_backing_file_offset" "\xff\xff\xff\xff\xff\xff\xff\xff" |
| poke_file "$TEST_IMG" "$offset_ext_magic" "\x12\x34\x56\x78" |
| poke_file "$TEST_IMG" "$offset_ext_size" "\x7f\xff\xff\xff" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x00\x00" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| |
| echo |
| echo "== Huge refcount table size ==" |
| _make_test_img 64M |
| poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\xff\xff\xff\xff" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x02\x00\x01" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| |
| echo |
| echo "== Misaligned refcount table ==" |
| _make_test_img 64M |
| poke_file "$TEST_IMG" "$offset_refcount_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| |
| echo |
| echo "== Huge refcount offset ==" |
| _make_test_img 64M |
| poke_file "$TEST_IMG" "$offset_refcount_table_offset" "\xff\xff\xff\xff\xff\xff\x00\x00" |
| poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x00\x00\x7f" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| |
| echo |
| echo "== Invalid snapshot table ==" |
| _make_test_img 64M |
| poke_file "$TEST_IMG" "$offset_nb_snapshots" "\xff\xff\xff\xff" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x7f\xff\xff\xff" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| |
| poke_file "$TEST_IMG" "$offset_snapshots_offset" "\xff\xff\xff\xff\xff\xff\x00\x00" |
| poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\xff\xff" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| |
| poke_file "$TEST_IMG" "$offset_snapshots_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef" |
| poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\x00\x00" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| |
| echo |
| echo "== Hitting snapshot table size limit ==" |
| _make_test_img 64M |
| # Put the refcount table in a more or less safe place (16 MB) |
| poke_file "$TEST_IMG" "$offset_snapshots_offset" "\x00\x00\x00\x00\x01\x00\x00\x00" |
| poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x01\x00\x00" |
| { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_testdir |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| |
| echo |
| echo "== Invalid L1 table ==" |
| _make_test_img 64M |
| poke_file "$TEST_IMG" "$offset_l1_size" "\xff\xff\xff\xff" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| poke_file "$TEST_IMG" "$offset_l1_size" "\x7f\xff\xff\xff" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| |
| poke_file "$TEST_IMG" "$offset_l1_table_offset" "\x7f\xff\xff\xff\xff\xff\x00\x00" |
| poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\xff\xff" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| |
| poke_file "$TEST_IMG" "$offset_l1_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef" |
| poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x01" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| |
| echo |
| echo "== Invalid L1 table (with internal snapshot in the image) ==" |
| _make_test_img 64M |
| { $QEMU_IMG snapshot -c foo $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x00" |
| _img_info |
| |
| echo |
| echo "== Invalid backing file size ==" |
| _make_test_img 64M |
| poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x10\x00" |
| poke_file "$TEST_IMG" "$offset_backing_file_size" "\xff\xff\xff\xff" |
| { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| |
| echo |
| echo "== Invalid L2 entry (huge physical offset) ==" |
| _make_test_img 64M |
| { $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| poke_file "$TEST_IMG" "$offset_l2_table_0" "\xbf\xff\xff\xff\xff\xff\x00\x00" |
| { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| poke_file "$TEST_IMG" "$offset_l2_table_0" "\x80\x00\x00\xff\xff\xff\x00\x00" |
| { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| |
| echo |
| echo "== Invalid snapshot L1 table ==" |
| _make_test_img 64M |
| { $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir |
| { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_testdir |
| poke_file "$TEST_IMG" "$offset_snap1_l1_size" "\x10\x00\x00\x00" |
| { $QEMU_IMG convert -s test $TEST_IMG $TEST_IMG.snap; } 2>&1 | _filter_testdir |
| |
| # success, all done |
| echo "*** done" |
| rm -f $seq.full |
| status=0 |