Re: [Qemu-block] [PATCH 5/6] luks: Catch integer overflow for huge sizes

qemu-block

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-block] [PATCH 5/6] luks: Catch integer overflow for huge sizes

From:	Eric Blake
Subject:	Re: [Qemu-block] [PATCH 5/6] luks: Catch integer overflow for huge sizes
Date:	Fri, 9 Mar 2018 14:21:22 -0600
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0

On 03/09/2018 11:27 AM, Kevin Wolf wrote:

When you request an image size close to UINT64_MAX, the addition of the
crypto header may cause an integer overflow. Catch it instead of
silently truncating the image size.

Signed-off-by: Kevin Wolf <address@hidden>
---
  block/crypto.c | 5 +++++
  1 file changed, 5 insertions(+)

diff --git a/block/crypto.c b/block/crypto.c
index 4908d8627f..1b46519c53 100644
--- a/block/crypto.c
+++ b/block/crypto.c
@@ -102,6 +102,11 @@ static ssize_t block_crypto_init_func(QCryptoBlock *block,
  {
      struct BlockCryptoCreateData *data = opaque;

+ if (headerlen > UINT64_MAX - data->size) {

INT64_MAX, please. We are further bounded by having to fit within off_t(signed) rather than uint64_t.

+        error_setg(errp, "The requested file size is too large");
+        return -EFBIG;
+    }
+
      /* User provided size should reflect amount of space made
       * available to the guest, so we must take account of that
       * which will be used by the crypto header


--
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-block] [PATCH 3/6] luks: Support .bdrv_co_create, (continued)
- [Qemu-block] [PATCH 1/6] luks: Separate image file creation from formatting, Kevin Wolf, 2018/03/09
  - Re: [Qemu-block] [PATCH 1/6] luks: Separate image file creation from formatting, Eric Blake, 2018/03/09
  - Re: [Qemu-block] [PATCH 1/6] luks: Separate image file creation from formatting, Daniel P . Berrangé, 2018/03/12
    - Re: [Qemu-block] [PATCH 1/6] luks: Separate image file creation from formatting, Kevin Wolf, 2018/03/12
    - Re: [Qemu-block] [PATCH 1/6] luks: Separate image file creation from formatting, Daniel P . Berrangé, 2018/03/12
- [Qemu-block] [PATCH 2/6] luks: Create block_crypto_co_create_generic(), Kevin Wolf, 2018/03/09
  - Re: [Qemu-block] [PATCH 2/6] luks: Create block_crypto_co_create_generic(), Eric Blake, 2018/03/09
  - Re: [Qemu-block] [PATCH 2/6] luks: Create block_crypto_co_create_generic(), Daniel P . Berrangé, 2018/03/12
- [Qemu-block] [PATCH 5/6] luks: Catch integer overflow for huge sizes, Kevin Wolf, 2018/03/09
  - Re: [Qemu-block] [PATCH 5/6] luks: Catch integer overflow for huge sizes, Eric Blake <=
  - Re: [Qemu-block] [PATCH 5/6] luks: Catch integer overflow for huge sizes, Daniel P . Berrangé, 2018/03/12
- [Qemu-block] [PATCH 6/6] qemu-iotests: Test luks QMP image creation, Kevin Wolf, 2018/03/09
  - Re: [Qemu-block] [PATCH 6/6] qemu-iotests: Test luks QMP image creation, Eric Blake, 2018/03/09
  - Re: [Qemu-block] [PATCH 6/6] qemu-iotests: Test luks QMP image creation, Daniel P . Berrangé, 2018/03/12

Prev by Date: Re: [Qemu-block] [PATCH 4/6] luks: Turn invalid assertion into check
Next by Date: Re: [Qemu-block] [PATCH 6/6] qemu-iotests: Test luks QMP image creation
Previous by thread: [Qemu-block] [PATCH 5/6] luks: Catch integer overflow for huge sizes
Next by thread: Re: [Qemu-block] [PATCH 5/6] luks: Catch integer overflow for huge sizes
Index(es):
- Date
- Thread