[PULL 04/18] parallels: Check if data_end greater than the file size

qemu-block

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PULL 04/18] parallels: Check if data_end greater than the file size

From:	Denis V. Lunev
Subject:	[PULL 04/18] parallels: Check if data_end greater than the file size
Date:	Wed, 6 Sep 2023 17:49:37 +0200

From: Alexander Ivanov <alexander.ivanov@virtuozzo.com>

Initially data_end is set to the data_off image header field and must not
be greater than the file size.

Signed-off-by: Alexander Ivanov <alexander.ivanov@virtuozzo.com>
Reviewed-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Denis V. Lunev <den@openvz.org>
---
 block/parallels.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/block/parallels.c b/block/parallels.c
index 3c0dca3dbf..6a3d41373a 100644
--- a/block/parallels.c
+++ b/block/parallels.c
@@ -874,6 +874,11 @@ static int parallels_open(BlockDriverState *bs, QDict 
*options, int flags,
          */
         s->header_size = size;
     }
+    if (s->data_end > file_nb_sectors) {
+        error_setg(errp, "Invalid image: incorrect data_off field");
+        ret = -EINVAL;
+        goto fail;
+    }
 
     ret = bdrv_pread(bs->file, 0, s->header_size, s->header, 0);
     if (ret < 0) {
-- 
2.34.1

[Prev in Thread]

Current Thread

[Next in Thread]

[PULL 00/18] Parallels format driver, Denis V. Lunev, 2023/09/06
- [PULL 04/18] parallels: Check if data_end greater than the file size, Denis V. Lunev <=
- [PULL 05/18] parallels: Add "explicit" argument to parallels_check_leak(), Denis V. Lunev, 2023/09/06
- [PULL 02/18] parallels: Fix comments formatting inside parallels driver, Denis V. Lunev, 2023/09/06
- [PULL 09/18] parallels: Use bdrv_co_getlength() in parallels_check_outside_image(), Denis V. Lunev, 2023/09/06
- [PULL 03/18] parallels: Incorrect data end calculation in parallels_open(), Denis V. Lunev, 2023/09/06
- [PULL 01/18] MAINTAINERS: add tree to keep parallels format driver changes, Denis V. Lunev, 2023/09/06
- [PULL 06/18] parallels: Add data_start field to BDRVParallelsState, Denis V. Lunev, 2023/09/06
- [PULL 08/18] parallels: Image repairing in parallels_open(), Denis V. Lunev, 2023/09/06
- [PULL 07/18] parallels: Add checking and repairing duplicate offsets in BAT, Denis V. Lunev, 2023/09/06
- [PULL 10/18] parallels: Add data_off check, Denis V. Lunev, 2023/09/06
  - [PULL 15/18] iotests: Refactor tests of parallels images checks (131), Denis V. Lunev, 2023/09/06

Prev by Date: [PULL 00/18] Parallels format driver
Next by Date: [PULL 05/18] parallels: Add "explicit" argument to parallels_check_leak()
Previous by thread: [PULL 00/18] Parallels format driver
Next by thread: [PULL 05/18] parallels: Add "explicit" argument to parallels_check_leak()
Index(es):
- Date
- Thread