Re: [Qemu-devel] [PATCH for-2.11 0/5] qcow2: Fixes for corrupted images
From: Max Reitz
Subject: Re: [Qemu-devel] [PATCH for-2.11 0/5] qcow2: Fixes for corrupted images
Date: Fri, 10 Nov 2017 21:41:27 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
On 2017-11-10 21:31, Max Reitz wrote:
> This series contains fixes for another batch of qcow2-related crashes
> reported on Launchpad by Nageswara (the first batch was
> http://lists.nongnu.org/archive/html/qemu-block/2017-11/msg00082.html by
> Berto).
>
> Patch 4 fixes an out-of-bounds array access in memory which is not
> really a security issue for multiple reasons (really, at most you can
> read eight bytes from somewhere with an extremely high chance of
> crashing qemu and requiring the user to invoke a block_resize shrinking
> the qcow2 image (and also reset some bit in the image from 1 to 0, but
> only if the overlap checks don't catch you)), but most importantly that
> code hasn't been in 2.10, so we're fine.
>
>
> Max Reitz (5):
> qcow2: check_errors are fatal
> qcow2: Unaligned zero cluster in handle_alloc()
> block: Guard against NULL bs->drv
> qcow2: Add bounds check to get_refblock_offset()
> qcow2: Refuse to get unaligned offsets from cache
>
> block/qcow2.h | 6 ---
> block.c | 19 ++++++-
> block/io.c | 36 +++++++++++++
> block/qapi.c | 8 ++-
> block/qcow2-cache.c | 21 ++++++++
> block/qcow2-cluster.c | 13 ++++-
> block/qcow2-refcount.c | 26 +++++++++-
> block/qcow2.c | 5 +-
> block/replication.c | 15 ++++++
> block/vvfat.c | 2 +-
> tests/qemu-iotests/060 | 125 +++++++++++++++++++++++++++++++++++++++++++++
> tests/qemu-iotests/060.out | 115 +++++++++++++++++++++++++++++++++++++++++
> 12 files changed, 379 insertions(+), 12 deletions(-)
I see that Patchew complains, so let's try:

Based-on: <address@hidden>

And let's see whether it can handle the recursive dependency...
(Letting Patchew base something on git branches would be nice O:-))

Also note my follow-up patch "qcow2: Repair unaligned preallocated zero
clusters" which fixes the TODO added in patch 2.

Max
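The cover letter above describes two defensive checks on the qcow2 refcount path: a bounds check on the table index in get_refblock_offset() (patch 4) and refusing unaligned offsets (patch 5). The following is an added illustration of that pattern on a simplified, hypothetical model of the refcount table; it is example code, not QEMU's implementation, and the struct layout, function names and sample table values are constructed for the demonstration (only REFT_OFFSET_MASK follows the qcow2 format's refcount-table entry layout).

```c
#include <stdint.h>
#include <stddef.h>
#include <errno.h>

/* qcow2 refcount-table entries keep the refblock offset in bits 9..63. */
#define REFT_OFFSET_MASK 0xfffffffffffffe00ULL

/* Hypothetical, reduced model of the driver state (not QEMU's BDRVQcow2State). */
typedef struct {
    unsigned cluster_bits;         /* cluster size = 1 << cluster_bits */
    unsigned refcount_block_bits;  /* refcounts per refblock = 1 << this */
    const uint64_t *refcount_table;/* table as read from the (untrusted) image */
    size_t refcount_table_size;    /* number of entries actually present */
} Qcow2State;

/* Look up the refcount block covering `offset`. The index is derived from
 * image-controlled data, so it is checked against the table size before the
 * array is read; the offset found in the table must additionally be
 * cluster-aligned, otherwise the image is corrupt. Returns 0 and stores the
 * refblock offset in *refblock, or a negative errno. */
int get_refblock_offset_checked(const Qcow2State *s, uint64_t offset,
                                uint64_t *refblock)
{
    unsigned shift = s->refcount_block_bits + s->cluster_bits;
    uint64_t index = offset >> shift;
    uint64_t rb;

    if (index >= s->refcount_table_size) {
        return -EINVAL;   /* would read past the end of refcount_table */
    }
    rb = s->refcount_table[index] & REFT_OFFSET_MASK;
    if (rb & ((1ULL << s->cluster_bits) - 1)) {
        return -EIO;      /* unaligned refblock offset: refuse, don't cache it */
    }
    *refblock = rb;
    return 0;
}

/* Constructed sample: 64 KiB clusters, 2^15 refcounts per refblock, two
 * table entries; the second one is deliberately unaligned (bit 9 set). */
static const uint64_t sample_table[2] = { 0x10000ULL, 0x20200ULL };

Qcow2State make_sample_state(void)
{
    Qcow2State s = { 16, 15, sample_table, 2 };
    return s;
}
```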