Git Repo - qemu.git/commit

author	Kevin Wolf <[email protected]>
	Tue, 25 Nov 2014 17:12:40 +0000 (18:12 +0100)
committer	Kevin Wolf <[email protected]>
	Wed, 10 Dec 2014 09:31:13 +0000 (10:31 +0100)
commit	2ebafc854d109ff09b66fb4dd62c2c53fc29754a
tree	2647037960aee19ef9c07457a6e4b3bd93330ffa	tree \| snapshot
parent	3dc7ca3c97dff8732e38828b38e0497efba0fedf	commit \| diff

qcow2: Fix header extension size check

After reading the extension header, offset is incremented, but not
checked against end_offset any more. This way an integer overflow could
happen when checking whether the extension end is within the allowed
range, effectively disabling the check.

This patch adds the missing check and a test case for it.

Cc: [email protected]
Reported-by: Max Reitz <[email protected]>
Signed-off-by: Kevin Wolf <[email protected]>
Reviewed-by: Max Reitz <[email protected]>
Message-id: 1416935562 [email protected]
Signed-off-by: Stefan Hajnoczi <[email protected]>
Signed-off-by: Kevin Wolf <[email protected]>

block/qcow2.c		diff \| blob \| blame \| history
tests/qemu-iotests/080		diff \| blob \| blame \| history
tests/qemu-iotests/080.out		diff \| blob \| blame \| history