[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] qcow2: Reject unrealistically large header exte
From: |
Stefan Hajnoczi |
Subject: |
Re: [Qemu-devel] [PATCH] qcow2: Reject unrealistically large header extensions |
Date: |
Tue, 28 Feb 2012 10:00:30 +0000 |
On Tue, Feb 28, 2012 at 9:47 AM, Kevin Wolf <address@hidden> wrote:
> Am 28.02.2012 10:33, schrieb Stefan Hajnoczi:
>> On Mon, Feb 27, 2012 at 4:27 PM, Kevin Wolf <address@hidden> wrote:
>>> + if (ext.len > 65536) {
>>> + error_report("Header extension larger than 64k - this looks
>>> wrong");
>>> + return -ENOTSUP;
>>> + }
>>
>> This is an implementation limit and not in the spec, but I think it's
>> reasonable.
>>
>> Reviewed-by: Stefan Hajnoczi <address@hidden>
>
> Hm, actually, now that I look at this patch again, I think there's a
> much better error condition that even matches the spec:
>
> if (offset + ext.len > end_offset)
Careful, integer overflow.
Stefan