]> Git Repo - qemu.git/commit
projects / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 42eb581) | patch
qcow1: Validate image size (CVE-2014-0223)
authorKevin Wolf <[email protected]>
Thu, 8 May 2014 11:08:20 +0000 (13:08 +0200)
committerKevin Wolf <[email protected]>
Mon, 19 May 2014 09:36:49 +0000 (11:36 +0200)
commit46485de0cb357b57373e1ca895adedf1f3ed46ec
tree3d7bdb3799feee94728a37374a26349d46e7b227tree | snapshot
parent42eb58179b3b215bb507da3262b682b8a2ec10b5commit | diff
qcow1: Validate image size (CVE-2014-0223)

A huge image size could cause s->l1_size to overflow. Make sure that
images never require a L1 table larger than what fits in s->l1_size.

This cannot only cause unbounded allocations, but also the allocation of
a too small L1 table, resulting in out-of-bounds array accesses (both
reads and writes).

Cc: [email protected]
Signed-off-by: Kevin Wolf <[email protected]>
block/qcow.c diff | blob | blame | history
tests/qemu-iotests/092 diff | blob | blame | history
tests/qemu-iotests/092.out diff | blob | blame | history
Empty description
This page took 0.02435 seconds and 4 git commands to generate.