3 # qcow2 format input validation tests
5 # Copyright (C) 2013 Red Hat, Inc.
7 # This program is free software; you can redistribute it and/or modify
8 # it under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 2 of the License, or
10 # (at your option) any later version.
12 # This program is distributed in the hope that it will be useful,
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with this program. If not, see <http://www.gnu.org/licenses/>.
22 owner
=kwolf@redhat.com
25 echo "QA output created by $seq"
29 status
=1 # failure is the default!
36 trap "_cleanup; exit \$status" 0 1 2 3 15
38 # get standard environment, filters and checks
48 offset_backing_file_offset
=8
49 offset_backing_file_size
=16
51 offset_l1_table_offset
=40
52 offset_refcount_table_offset
=48
53 offset_refcount_table_clusters
=56
54 offset_nb_snapshots
=60
55 offset_snapshots_offset
=64
56 offset_header_size
=100
57 offset_ext_magic
=$header_size
58 offset_ext_size
=$
((header_size
+ 4))
60 offset_l2_table_0
=$
((0x40000))
62 offset_snap1
=$
((0x70000))
63 offset_snap1_l1_offset
=$
((offset_snap1
+ 0))
64 offset_snap1_l1_size
=$
((offset_snap1
+ 8))
67 echo "== Huge header size =="
69 poke_file
"$TEST_IMG" "$offset_header_size" "\xff\xff\xff\xff"
70 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
71 poke_file
"$TEST_IMG" "$offset_header_size" "\x7f\xff\xff\xff"
72 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
75 echo "== Huge unknown header extension =="
77 poke_file
"$TEST_IMG" "$offset_backing_file_offset" "\xff\xff\xff\xff\xff\xff\xff\xff"
78 poke_file
"$TEST_IMG" "$offset_ext_magic" "\x12\x34\x56\x78"
79 poke_file
"$TEST_IMG" "$offset_ext_size" "\x7f\xff\xff\xff"
80 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
81 poke_file
"$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x00\x$(printf %x $offset_ext_size)"
82 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
83 poke_file
"$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x00\x00"
84 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
87 echo "== Huge refcount table size =="
89 poke_file
"$TEST_IMG" "$offset_refcount_table_clusters" "\xff\xff\xff\xff"
90 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
91 poke_file
"$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x02\x00\x01"
92 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
95 echo "== Misaligned refcount table =="
97 poke_file
"$TEST_IMG" "$offset_refcount_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
98 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
101 echo "== Huge refcount offset =="
103 poke_file
"$TEST_IMG" "$offset_refcount_table_offset" "\xff\xff\xff\xff\xff\xff\x00\x00"
104 poke_file
"$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x00\x00\x7f"
105 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
108 echo "== Invalid snapshot table =="
110 poke_file
"$TEST_IMG" "$offset_nb_snapshots" "\xff\xff\xff\xff"
111 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
112 poke_file
"$TEST_IMG" "$offset_nb_snapshots" "\x7f\xff\xff\xff"
113 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
115 poke_file
"$TEST_IMG" "$offset_snapshots_offset" "\xff\xff\xff\xff\xff\xff\x00\x00"
116 poke_file
"$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\xff\xff"
117 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
119 poke_file
"$TEST_IMG" "$offset_snapshots_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
120 poke_file
"$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\x00\x00"
121 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
124 echo "== Hitting snapshot table size limit =="
126 # Put the refcount table in a more or less safe place (16 MB)
127 poke_file
"$TEST_IMG" "$offset_snapshots_offset" "\x00\x00\x00\x00\x01\x00\x00\x00"
128 poke_file
"$TEST_IMG" "$offset_nb_snapshots" "\x00\x01\x00\x00"
129 { $QEMU_IMG snapshot
-c test $TEST_IMG; } 2>&1 | _filter_testdir
130 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
133 echo "== Invalid L1 table =="
135 poke_file
"$TEST_IMG" "$offset_l1_size" "\xff\xff\xff\xff"
136 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
137 poke_file
"$TEST_IMG" "$offset_l1_size" "\x7f\xff\xff\xff"
138 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
140 poke_file
"$TEST_IMG" "$offset_l1_table_offset" "\x7f\xff\xff\xff\xff\xff\x00\x00"
141 poke_file
"$TEST_IMG" "$offset_l1_size" "\x00\x00\xff\xff"
142 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
144 poke_file
"$TEST_IMG" "$offset_l1_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
145 poke_file
"$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x01"
146 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
149 echo "== Invalid L1 table (with internal snapshot in the image) =="
151 { $QEMU_IMG snapshot
-c foo
$TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
152 poke_file
"$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x00"
156 echo "== Invalid backing file size =="
158 poke_file
"$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x10\x00"
159 poke_file
"$TEST_IMG" "$offset_backing_file_size" "\xff\xff\xff\xff"
160 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
163 echo "== Invalid L2 entry (huge physical offset) =="
165 { $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
166 poke_file
"$TEST_IMG" "$offset_l2_table_0" "\xbf\xff\xff\xff\xff\xff\x00\x00"
167 { $QEMU_IMG snapshot
-c test $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
168 poke_file
"$TEST_IMG" "$offset_l2_table_0" "\x80\x00\x00\xff\xff\xff\x00\x00"
169 { $QEMU_IMG snapshot
-c test $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
172 echo "== Invalid snapshot L1 table =="
174 { $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
175 { $QEMU_IMG snapshot
-c test $TEST_IMG; } 2>&1 | _filter_testdir
176 poke_file
"$TEST_IMG" "$offset_snap1_l1_size" "\x10\x00\x00\x00"
177 { $QEMU_IMG convert
-s test $TEST_IMG $TEST_IMG.snap
; } 2>&1 | _filter_testdir