Re: [Qemu-devel] [PATCH 0/5] multiboot: Fix buffer overflow on invalid kernels

[Jack Schwartz]

Hi Kevin.

I see an issue with the commit message of patch 1; please see my reply 
to that patch for details.  I fully understand patches 1,2,3, patch 4 
except for some of the Makefile black magic, and patch 5 looks 
reasonable to me.

So, for patches 2,3,4,5:
    Reviewed-by: Jack Schwartz <address@hidden>

    Thanks,
    Jack

On 2018-03-14 10:32, Kevin Wolf wrote:
> Patch 1 fixes another Multiboot kernel validation bug that could cause
> QEMU to load the kernel image file into a too small buffer. Patch 2 adds
> another check to harden the code. The rest of the series adds Multiboot
> test cases for kernels using the a.out kludge, which is where the recent
> bugs were found.
>
> Kevin Wolf (5):
>    multiboot: Reject kernels exceeding the address space
>    multiboot: Check validity of mh_header_addr
>    tests/multiboot: Test exit code for every qemu run
>    tests/multiboot: Add tests for the a.out kludge
>    tests/multiboot: Add .gitignore
>
>   hw/i386/multiboot.c             |   8 +++
>   tests/multiboot/.gitignore      |   3 +
>   tests/multiboot/Makefile        |  22 +++++--
>   tests/multiboot/aout_kludge.S   | 138 ++++++++++++++++++++++++++++++++++++++++
>   tests/multiboot/aout_kludge.out |  42 ++++++++++++
>   tests/multiboot/run_test.sh     |  34 ++++++----
>   6 files changed, 227 insertions(+), 20 deletions(-)
>   create mode 100644 tests/multiboot/.gitignore
>   create mode 100644 tests/multiboot/aout_kludge.S
>   create mode 100644 tests/multiboot/aout_kludge.out