If buf_size is less than 0, the command fails. If buf_size % granularity is not 0, mirror_free_init() will do dangerous things.
Signed-off-by: Wen Congyang <we...@cn.fujitsu.com>
Reviewed-by: Fam Zheng <f...@redhat.com>
---
 block/mirror.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/block/mirror.c b/block/mirror.c
index 58f391a..603fdf9 100644
--- a/block/mirror.c
+++ b/block/mirror.c
@@ -671,6 +671,10 @@ static void mirror_start_job(BlockDriverState *bs, BlockDriverState *target,
 return;
 }
+ if (buf_size < 0) {
+ error_setg(errp, "Invalid parameter 'buf-size'");
+ return;
+ }
 s = block_job_create(driver, bs, speed, cb, opaque, errp);
 if (!s) {
@@ -684,7 +688,7 @@ static void mirror_start_job(BlockDriverState *bs, BlockDriverState *target,
 s->is_none_mode = is_none_mode;
 s->base = base;
 s->granularity = granularity;
- s->buf_size = MAX(buf_size, granularity);
+ s->buf_size = ROUND_UP(buf_size, granularity);
 s->dirty_bitmap = bdrv_create_dirty_bitmap(bs, granularity, NULL, errp);
 if (!s->dirty_bitmap) {
-- 
2.1.0
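Review bot: The new `buf_size < 0` check in mirror_start_job bounds the parameter only from below, so an arbitrarily large 'buf-size' still reaches the rounding in the second hunk and anything later sized from s->buf_size. The type of buf_size is not visible in this hunk; if it is a signed 64-bit value, a request near the type's maximum could overflow when rounded up to a multiple of granularity and leave a buffer size that no longer matches the request. Consider rejecting such values in the same place, for example `if (buf_size < 0 || buf_size > INT64_MAX - granularity) {` with the limit adapted to the real type, or preferably a documented maximum buffer size. The function starts and ends outside the hunk.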
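Review bot: Replacing `MAX(buf_size, granularity)` with `ROUND_UP(buf_size, granularity)` drops the lower bound for one input: a 'buf-size' of 0 passes the new `buf_size < 0` check and, assuming ROUND_UP maps 0 to 0, leaves s->buf_size at 0 where the old code yielded granularity. Unless every caller guarantees a non-zero value (not visible here), keep the floor as well: `s->buf_size = ROUND_UP(MAX(buf_size, granularity), granularity);`. A one-line comment above the assignment, such as `/* buf_size must be a non-zero multiple of granularity for mirror_free_init() */`, would record why both operations are needed.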