[Qemu-devel] [PATCH 06/11] vvfat: fix out of bounds array

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH 06/11] vvfat: fix out of bounds array_get usage

From:	Kevin Wolf
Subject:	[Qemu-devel] [PATCH 06/11] vvfat: fix out of bounds array_get usage
Date:	Mon, 7 Nov 2011 17:55:13 +0100

From: Paolo Bonzini <address@hidden>

When reading the address of the first free entry, you cannot
use array_get without first marking all entries as occupied.

This is visible if you change the sectors per cluster on a
floppy from 2 to 1.

Signed-off-by: Paolo Bonzini <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
---
 block/vvfat.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/block/vvfat.c b/block/vvfat.c
index e1fcdbc..75d0dc0 100644
--- a/block/vvfat.c
+++ b/block/vvfat.c
@@ -799,6 +799,7 @@ static int read_directory(BDRVVVFATState* s, int 
mapping_index)
        /* root directory */
        int cur = s->directory.next;
        array_ensure_allocated(&(s->directory), ROOT_ENTRIES - 1);
+       s->directory.next = ROOT_ENTRIES;
        memset(array_get(&(s->directory), cur), 0,
                (ROOT_ENTRIES - cur) * sizeof(direntry_t));
     }
-- 
1.7.6.4

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH 00/11] Block patches for 1.0, Kevin Wolf, 2011/11/07
- [Qemu-devel] [PATCH 03/11] dma: Avoid reentrancy in DMA transfer handlers, Kevin Wolf, 2011/11/07
- [Qemu-devel] [PATCH 01/11] qemu-io: Handle create_iovec errors, Kevin Wolf, 2011/11/07
- [Qemu-devel] [PATCH 05/11] block/cloop: Use g_free instead of free, Kevin Wolf, 2011/11/07
- [Qemu-devel] [PATCH 04/11] block/cloop: Fix coding style, Kevin Wolf, 2011/11/07
- [Qemu-devel] [PATCH 08/11] vvfat: need to use first_sectors_number to distinguish fdd/hdd, Kevin Wolf, 2011/11/07
- [Qemu-devel] [PATCH 06/11] vvfat: fix out of bounds array_get usage, Kevin Wolf <=
- [Qemu-devel] [PATCH 09/11] vvfat: unify and correct computation of sector count, Kevin Wolf, 2011/11/07
- [Qemu-devel] [PATCH 02/11] qemu-io: Fix multiwrite_f error handling, Kevin Wolf, 2011/11/07
- [Qemu-devel] [PATCH 07/11] vvfat: do not fail if the disk has spare sectors, Kevin Wolf, 2011/11/07
- [Qemu-devel] [PATCH 10/11] vvfat: do not hardcode sector counts in error message, Kevin Wolf, 2011/11/07
- [Qemu-devel] [PATCH 11/11] vvfat: reorganize computation of disk geometry, Kevin Wolf, 2011/11/07
- [Qemu-devel] [PULL 00/11] Block patches for 1.0, Kevin Wolf, 2011/11/07

Prev by Date: [Qemu-devel] [PATCH 08/11] vvfat: need to use first_sectors_number to distinguish fdd/hdd
Next by Date: [Qemu-devel] [PATCH 09/11] vvfat: unify and correct computation of sector count
Previous by thread: [Qemu-devel] [PATCH 08/11] vvfat: need to use first_sectors_number to distinguish fdd/hdd
Next by thread: [Qemu-devel] [PATCH 09/11] vvfat: unify and correct computation of sector count
Index(es):
- Date
- Thread