|
From: | Eric Blake |
Subject: | Re: [PATCH v2 3/5] qemu-img: validate image length in img_map |
Date: | Wed, 6 May 2020 17:01:07 -0500 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.7.0 |
On 5/6/20 4:34 PM, Eyal Moscovici wrote:
The code handles this case correctly we merely skip the loop. However it is probably best to return an explicit error. Acked-by: Mark Kanda <address@hidden> Signed-off-by: Eyal Moscovici <address@hidden> --- qemu-img.c | 5 +++++ 1 file changed, 5 insertions(+)
Reviewed-by: Eric Blake <address@hidden>
diff --git a/qemu-img.c b/qemu-img.c index 4a06ab7fe8..a1b507a0be 100644 --- a/qemu-img.c +++ b/qemu-img.c @@ -3086,6 +3086,11 @@ static int img_map(int argc, char **argv) }length = blk_getlength(blk);+ if (length < 0) { + error_report("Failed to get size for '%s'", filename); + return 1; + } + while (curr.start + curr.length < length) { int64_t offset = curr.start + curr.length; int64_t n;
-- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3226 Virtualization: qemu.org | libvirt.org
[Prev in Thread] | Current Thread | [Next in Thread] |