qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v3 4/6] vmdk: Check descriptor file length when

From: Max Reitz
Subject: Re: [Qemu-devel] [PATCH v3 4/6] vmdk: Check descriptor file length when reading it
Date: Wed, 03 Dec 2014 15:17:54 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0 
On 2014-12-03 at 11:28, Fam Zheng wrote:

Since a too small file cannot be a valid VMDK image, and also since the
buffer's first 4 bytes will be unconditionally examined by
vmdk_open_sparse, let's error out the small file case to be clear.

Signed-off-by: Fam Zheng <address@hidden>
Reviewed-by: Markus Armbruster <address@hidden>
---
  block/vmdk.c | 5 +++++
  1 file changed, 5 insertions(+)

diff --git a/block/vmdk.c b/block/vmdk.c
index 82257cd..045fd7a 100644
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -557,6 +557,11 @@ static char *vmdk_read_desc(BlockDriverState *file, 
uint64_t desc_offset,
          return NULL;
      }
+ if (size < 4) { 
+        error_setg_errno(errp, -size, "File is too small, not a valid image");
0 <= size < 4, strerror(0..-3) doesn't make a whole lot of sense. Should be simply error_setg() instead of error_setg_errno(). 

Max


+        return NULL;
+    }
+
      size = MIN(size, (1 << 20) - 1);  /* avoid unbounded allocation */
      buf = g_malloc(size + 1);
reply via email to
[Prev in Thread] Current Thread [Next in Thread]