slackcoder/qemu - QEMU is a generic and open source machine & userspace emulator and virtualizer

diff options

author	Kevin Wolf <kwolf@redhat.com>	2014-11-25 18:12:40 +0100
committer	Michael Roth <mdroth@linux.vnet.ibm.com>	2015-01-14 17:08:42 -0600
commit	b495764ae801daeb4ec690b628301f75838352a1 (patch)
tree	bd4c6111e1b8b379519df229eb0a106dcaf25d7a /hw/cpu
parent	21640bf6e08e4d69bab1bd1ea0bed562d1fc726c (diff)

qcow2: Fix header extension size check

After reading the extension header, offset is incremented, but not checked against end_offset any more. This way an integer overflow could happen when checking whether the extension end is within the allowed range, effectively disabling the check. This patch adds the missing check and a test case for it. Cc: qemu-stable@nongnu.org Reported-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Message-id: 1416935562-7760-2-git-send-email-kwolf@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com> (cherry picked from commit 2ebafc854d109ff09b66fb4dd62c2c53fc29754a) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

Diffstat (limited to 'hw/cpu')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: