[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH v2 for-2.0 0/2] Bounds checking for VDI
|
From: |
Jeff Cody |
|
Subject: |
[Qemu-devel] [PATCH v2 for-2.0 0/2] Bounds checking for VDI |
|
Date: |
Fri, 28 Mar 2014 11:42:23 -0400 |
This is v2 of the patches from Stefan Hajnoczi's pull request for CVE patches.
Changes from v1:
Patch 1: * Use DEFAULT_CLUSTER_SIZE instead of new
VDI_BLOCK_SIZE (thanks Stefan Weil)
* More informative error messages (thanks Stefan Weil)
* Return -ENOTSUP instead of -EINVAL on images
that exceed the maximum allowed size. These may
not be against spec, they are just currently unsupported.
* Fix wrong error message, introduced in commit
5b7aa9b56d1bfc79916262f380c3fc7961becb50 (thanks Stefan Weil)
Patch 2: * Update tests results to take in account new error messages.
Jeff Cody (2):
vdi: add bounds checks for blocks_in_image and disk_size header fields
(CVE-2014-0144)
block: vdi bounds check qemu-io tests
block/vdi.c | 37 ++++++++++++++--
tests/qemu-iotests/084 | 104 +++++++++++++++++++++++++++++++++++++++++++++
tests/qemu-iotests/084.out | 33 ++++++++++++++
tests/qemu-iotests/group | 1 +
4 files changed, 171 insertions(+), 4 deletions(-)
create mode 100755 tests/qemu-iotests/084
create mode 100644 tests/qemu-iotests/084.out
--
1.8.3.1
- [Qemu-devel] [PATCH v2 for-2.0 0/2] Bounds checking for VDI,
Jeff Cody <=