Re: [Qemu-devel] [PATCH] qcow2: Reject unrealistically large header exte

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] qcow2: Reject unrealistically large header exte

From:	Stefan Hajnoczi
Subject:	Re: [Qemu-devel] [PATCH] qcow2: Reject unrealistically large header extensions
Date:	Tue, 28 Feb 2012 10:00:30 +0000

On Tue, Feb 28, 2012 at 9:47 AM, Kevin Wolf <address@hidden> wrote:
> Am 28.02.2012 10:33, schrieb Stefan Hajnoczi:
>> On Mon, Feb 27, 2012 at 4:27 PM, Kevin Wolf <address@hidden> wrote:
>>> +        if (ext.len > 65536) {
>>> +            error_report("Header extension larger than 64k - this looks 
>>> wrong");
>>> +            return -ENOTSUP;
>>> +        }
>>
>> This is an implementation limit and not in the spec, but I think it's
>> reasonable.
>>
>> Reviewed-by: Stefan Hajnoczi <address@hidden>
>
> Hm, actually, now that I look at this patch again, I think there's a
> much better error condition that even matches the spec:
>
>    if (offset + ext.len > end_offset)

Careful, integer overflow.

Stefan

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH] qcow2: Reject unrealistically large header extensions, Kevin Wolf, 2012/02/27
- Re: [Qemu-devel] [PATCH] qcow2: Reject unrealistically large header extensions, Stefan Hajnoczi, 2012/02/28
  - Re: [Qemu-devel] [PATCH] qcow2: Reject unrealistically large header extensions, Kevin Wolf, 2012/02/28
    - Re: [Qemu-devel] [PATCH] qcow2: Reject unrealistically large header extensions, Stefan Hajnoczi <=
    - Re: [Qemu-devel] [PATCH] qcow2: Reject unrealistically large header extensions, Kevin Wolf, 2012/02/28

Prev by Date: [Qemu-devel] Wireshark SCSI dissectors for new transports
Next by Date: Re: [Qemu-devel] [PATCH] kvm: notify host when guest paniced
Previous by thread: Re: [Qemu-devel] [PATCH] qcow2: Reject unrealistically large header extensions
Next by thread: Re: [Qemu-devel] [PATCH] qcow2: Reject unrealistically large header extensions
Index(es):
- Date
- Thread