The VMDK driver assumes that its backing file is always a VMDK file, too, because it verifies that when creating the overlay. However, that verification means nothing at runtime, and consequently you can assign non-VMDK backing files to a VMDK node. This then breaks because the driver accesses the backing node as a VMDK node to read its supposed CID to compare it with the overlay's parentCID entry -- which usually fails, either in a benign way (we read from a garbage offset, and then we read garbage or get a read error straight away), or we get a segfault (because the backing node does not have a respective file child).
Anyway, we just shouldn't do it and instead check whether the backing file is a VMDK node before treating it like one.

(This fixes http://lists.nongnu.org/archive/html/qemu-block/2018-06/msg01268.html)

Max Reitz (2):
  vmdk: Fix possible segfault with non-VMDK backing
  iotests: Add VMDK backing file correlation test

 block/vmdk.c               |   6 ++
 tests/qemu-iotests/225     | 132 +++++++++++++++++++++++++++++++++++++
 tests/qemu-iotests/225.out |  24 +++++++
 tests/qemu-iotests/group   |   1 +
 4 files changed, 163 insertions(+)
 create mode 100755 tests/qemu-iotests/225
 create mode 100644 tests/qemu-iotests/225.out

-- 
2.17.1
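The failure mode the cover letter describes (a creation-time format check that is silently assumed to hold at runtime, so a downcast of the backing node to "VMDK" is never re-verified) is generic enough to model outside QEMU. The following C program is an added example written for this page; it is not code from the patch series or from block/vmdk.c. The `Node` struct, the `cid_valid_unchecked`/`cid_valid_checked` functions and the sample descriptor bytes are all hypothetical constructions that stand in for the real block graph: a format node reads its bytes through a protocol child, a protocol node has no child. The unchecked variant reproduces both outcomes named above (a garbage read that fails with a qcow2 backing, a NULL dereference with a protocol node as backing); the checked variant refuses to interpret a non-VMDK node as one before touching it.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model of a block graph node (not QEMU's BlockDriverState):
 * a format node ("vmdk", "qcow2") keeps its bytes in a protocol child `file`;
 * a protocol node ("file") has no child and carries the bytes itself. */
typedef struct Node Node;
struct Node {
    const char *format_name;  /* driver that opened this node */
    const Node *file;         /* protocol child, NULL for a protocol node */
    const uint8_t *data;      /* image bytes, only set on a protocol node */
    size_t len;
};

enum { CID_VALID = 1, CID_MISMATCH = 0, CID_ERR_NOT_VMDK = -1, CID_ERR_READ = -2 };

/* Read "<key>=<hex>" from the VMDK text descriptor held in the node's protocol
 * child. Keys are matched at line start so "CID=" does not match "parentCID=".
 * Like the pre-fix driver, this blindly trusts that `vmdk` really is a VMDK
 * format node: a node without a child makes `vmdk->file->data` a NULL deref. */
static int vmdk_read_descriptor_field(const Node *vmdk, const char *key, uint32_t *out)
{
    const char *p = (const char *)vmdk->file->data;
    const char *end = p + vmdk->file->len;
    size_t klen = strlen(key);

    while (p < end) {
        const char *nl = memchr(p, '\n', (size_t)(end - p));
        size_t linelen = nl ? (size_t)(nl - p) : (size_t)(end - p);
        if (linelen > klen + 1 && memcmp(p, key, klen) == 0 && p[klen] == '=') {
            char buf[32] = {0};
            size_t vlen = linelen - klen - 1;
            if (vlen >= sizeof(buf)) return CID_ERR_READ;
            memcpy(buf, p + klen + 1, vlen);
            *out = (uint32_t)strtoul(buf, NULL, 16);
            return 0;
        }
        if (!nl) break;
        p = nl + 1;
    }
    return CID_ERR_READ;  /* field absent: these bytes are not a VMDK descriptor */
}

/* Pre-fix behaviour: assumes the backing node is VMDK because creation checked
 * it. With a qcow2 backing the descriptor scan reads garbage and fails; with a
 * protocol node as backing it crashes inside vmdk_read_descriptor_field(). */
static int cid_valid_unchecked(const Node *overlay, const Node *backing)
{
    uint32_t parent_cid, backing_cid;
    if (vmdk_read_descriptor_field(overlay, "parentCID", &parent_cid) < 0) return CID_ERR_READ;
    if (vmdk_read_descriptor_field(backing, "CID", &backing_cid) < 0) return CID_ERR_READ;
    return parent_cid == backing_cid ? CID_VALID : CID_MISMATCH;
}

/* Fixed behaviour: re-verify the backing node's driver at runtime. A non-VMDK
 * backing has no CID at all, so the overlay's parentCID cannot be valid; report
 * that without ever reading through the foreign node. */
static int cid_valid_checked(const Node *overlay, const Node *backing)
{
    if (backing == NULL) return CID_VALID;  /* nothing to correlate against */
    if (strcmp(backing->format_name, "vmdk") != 0) return CID_ERR_NOT_VMDK;
    return cid_valid_unchecked(overlay, backing);
}

/* Constructed sample images; these are not real files. */
static const uint8_t overlay_bytes[] =
    "# Disk DescriptorFile\nversion=1\nCID=0a1b2c3d\nparentCID=deadbeef\n";
static const uint8_t vmdk_parent_bytes[] =
    "# Disk DescriptorFile\nversion=1\nCID=deadbeef\nparentCID=ffffffff\n";
static const uint8_t qcow2_parent_bytes[] = "QFI\xfb" "\x00\x00\x00\x03" "no descriptor here\n";
static const uint8_t raw_bytes[] = "just raw sector data, no header at all\n";

static const Node overlay_file      = { "file",  NULL, overlay_bytes,      sizeof(overlay_bytes) - 1 };
static const Node overlay_node      = { "vmdk",  &overlay_file, NULL, 0 };
static const Node vmdk_parent_file  = { "file",  NULL, vmdk_parent_bytes,  sizeof(vmdk_parent_bytes) - 1 };
static const Node vmdk_parent_node  = { "vmdk",  &vmdk_parent_file, NULL, 0 };
static const Node qcow2_parent_file = { "file",  NULL, qcow2_parent_bytes, sizeof(qcow2_parent_bytes) - 1 };
static const Node qcow2_parent_node = { "qcow2", &qcow2_parent_file, NULL, 0 };
static const Node raw_backing       = { "file",  NULL, raw_bytes,          sizeof(raw_bytes) - 1 };

int main(void)
{
    printf("vmdk backing, checked:        %d\n", cid_valid_checked(&overlay_node, &vmdk_parent_node));
    printf("self as backing, checked:     %d\n", cid_valid_checked(&vmdk_parent_node, &vmdk_parent_node));
    printf("qcow2 backing, unchecked:     %d\n", cid_valid_unchecked(&overlay_node, &qcow2_parent_node));
    printf("qcow2 backing, checked:       %d\n", cid_valid_checked(&overlay_node, &qcow2_parent_node));
    printf("protocol node backing, checked: %d\n", cid_valid_checked(&overlay_node, &raw_backing));
    /* cid_valid_unchecked(&overlay_node, &raw_backing) would dereference NULL. */
    return 0;
}
```

The point the model makes: the check that matters is on the node's driver (`format_name` here, the backing node's BlockDriver in the real graph), not on what the overlay was created with, because backing files can be reassigned after creation and the overlay's parentCID is only meaningful against something that actually has a CID.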