qcow1: Validate image size (CVE-2014-0223) - focaccia-qemu - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Kevin Wolf <kwolf@redhat.com>	2014-05-08 13:08:20 +0200
committer	Kevin Wolf <kwolf@redhat.com>	2014-05-19 11:36:49 +0200
commit	46485de0cb357b57373e1ca895adedf1f3ed46ec (patch)
tree	3d7bdb3799feee94728a37374a26349d46e7b227 /include/qemu-common.h
parent	42eb58179b3b215bb507da3262b682b8a2ec10b5 (diff)
download	focaccia-qemu-46485de0cb357b57373e1ca895adedf1f3ed46ec.tar.gz focaccia-qemu-46485de0cb357b57373e1ca895adedf1f3ed46ec.zip

qcow1: Validate image size (CVE-2014-0223)

A huge image size could cause s->l1_size to overflow. Make sure that
images never require a L1 table larger than what fits in s->l1_size.

This cannot only cause unbounded allocations, but also the allocation of
a too small L1 table, resulting in out-of-bounds array accesses (both
reads and writes).

Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

Diffstat (limited to 'include/qemu-common.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: