Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 23/47] qcow2: Validate sna

qemu-stable

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 23/47] qcow2: Validate sna

From:	Max Reitz
Subject:	Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 23/47] qcow2: Validate snapshot table offset/size (CVE-2014-0144)
Date:	Wed, 26 Mar 2014 21:59:09 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0

On 26.03.2014 13:05, Stefan Hajnoczi wrote:

From: Kevin Wolf <address@hidden>

This avoid unbounded memory allocation and fixes a potential buffer
overflow on 32 bit hosts.

Signed-off-by: Kevin Wolf <address@hidden>
---
  block/qcow2-snapshot.c     | 29 ++++-------------------------
  block/qcow2.c              | 15 +++++++++++++++
  block/qcow2.h              | 29 ++++++++++++++++++++++++++++-
  tests/qemu-iotests/080     | 27 +++++++++++++++++++++++++++
  tests/qemu-iotests/080.out | 17 +++++++++++++++++
  5 files changed, 91 insertions(+), 26 deletions(-)


Reviewed-by: Max Reitz <address@hidden>

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 16/47] vdi: add bounds checks for blocks_in_image and disk_size header fields (CVE-2014-0144), (continued)
- [Qemu-stable] [PATCH for-2.0 17/47] vhdx: Bounds checking for block_size and logical_sector_size (CVE-2014-0148), Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 17/47] vhdx: Bounds checking for block_size and logical_sector_size (CVE-2014-0148), Max Reitz, 2014/03/26
- [Qemu-stable] [PATCH for-2.0 18/47] curl: check data size before memcpy to local buffer. (CVE-2014-0144), Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 18/47] curl: check data size before memcpy to local buffer. (CVE-2014-0144), Max Reitz, 2014/03/26
- [Qemu-stable] [PATCH for-2.0 20/47] qcow2: Check backing_file_offset (CVE-2014-0144), Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 20/47] qcow2: Check backing_file_offset (CVE-2014-0144), Max Reitz, 2014/03/26
- [Qemu-stable] [PATCH for-2.0 22/47] qcow2: Validate refcount table offset, Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 22/47] qcow2: Validate refcount table offset, Max Reitz, 2014/03/26
- [Qemu-stable] [PATCH for-2.0 23/47] qcow2: Validate snapshot table offset/size (CVE-2014-0144), Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 23/47] qcow2: Validate snapshot table offset/size (CVE-2014-0144), Max Reitz <=
- [Qemu-stable] [PATCH for-2.0 21/47] qcow2: Check refcount table size (CVE-2014-0144), Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 21/47] qcow2: Check refcount table size (CVE-2014-0144), Max Reitz, 2014/03/26
- [Qemu-stable] [PATCH for-2.0 24/47] qcow2: Validate active L1 table offset and size (CVE-2014-0144), Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 24/47] qcow2: Validate active L1 table offset and size (CVE-2014-0144), Max Reitz, 2014/03/28
- [Qemu-stable] [PATCH for-2.0 25/47] qcow2: Fix backing file name length check, Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 25/47] qcow2: Fix backing file name length check, Max Reitz, 2014/03/28
- [Qemu-stable] [PATCH for-2.0 26/47] qcow2: Don't rely on free_cluster_index in alloc_refcount_block() (CVE-2014-0147), Stefan Hajnoczi, 2014/03/26
  - [Qemu-stable] [PATCH v2 for-2.0 26/47] qcow2: Don't rely on free_cluster_index in alloc_refcount_block() (CVE-2014-0147), Stefan Hajnoczi, 2014/03/28
    - Re: [Qemu-stable] [PATCH v2 for-2.0 26/47] qcow2: Don't rely on free_cluster_index in alloc_refcount_block() (CVE-2014-0147), Max Reitz, 2014/03/28
- [Qemu-stable] [PATCH for-2.0 28/47] qcow2: Check new refcount table size on growth, Stefan Hajnoczi, 2014/03/26

Prev by Date: Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 22/47] qcow2: Validate refcount table offset
Next by Date: Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 19/47] qcow2: Check header_length (CVE-2014-0144)
Previous by thread: [Qemu-stable] [PATCH for-2.0 23/47] qcow2: Validate snapshot table offset/size (CVE-2014-0144)
Next by thread: [Qemu-stable] [PATCH for-2.0 21/47] qcow2: Check refcount table size (CVE-2014-0144)
Index(es):
- Date
- Thread