]> Git Repo - qemu.git/commit - tests/qemu-iotests/078
projects / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 246f658) | patch
bochs: Check catalog_size header field (CVE-2014-0143)
authorKevin Wolf <[email protected]>
Wed, 26 Mar 2014 12:05:33 +0000 (13:05 +0100)
committerStefan Hajnoczi <[email protected]>
Tue, 1 Apr 2014 11:59:47 +0000 (13:59 +0200)
commite3737b820b45e54b059656dc3f914f895ac7a88b
tree2f5378471709e413a5e59a5ee85e0ea5453a7a7atree | snapshot
parent246f65838d19db6db55bfb41117c35645a2c4789commit | diff
bochs: Check catalog_size header field (CVE-2014-0143)

It should neither become negative nor allow unbounded memory
allocations. This fixes aborts in g_malloc() and an s->catalog_bitmap
buffer overflow on big endian hosts.

Signed-off-by: Kevin Wolf <[email protected]>
Reviewed-by: Stefan Hajnoczi <[email protected]>
Reviewed-by: Max Reitz <[email protected]>
Signed-off-by: Stefan Hajnoczi <[email protected]>
block/bochs.c diff | blob | blame | history
tests/qemu-iotests/078 diff | blob | blame | history
tests/qemu-iotests/078.out diff | blob | blame | history
Empty description
This page took 0.026428 seconds and 4 git commands to generate.