OpenE2K
/
qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
qemu-e2k/block
History
Kevin Wolf 8c7de28305 qcow2: Validate refcount table offset 
The end of the refcount table must not exceed INT64_MAX so that integer
overflows are avoided.

Also check for misaligned refcount table. Such images are invalid and
probably the result of data corruption. Error out to avoid further
corruption.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 		2014-04-01 14:19:09 +02:00
..
Makefile.objs Block patches 2014-02-25 10:50:11 +00:00
backup.c block: Switch BdrvTrackedRequest to byte granularity 2014-01-24 17:40:02 +01:00
blkdebug.c block: Remove bdrv_open_image()'s force_raw option 2014-02-21 21:02:22 +01:00
blkverify.c block: Rewrite the snapshot authorization mechanism for block filters. 2014-03-13 14:23:27 +01:00
bochs.c bochs: Fix bitmap offset calculation 2014-04-01 13:59:47 +02:00
cloop.c block/cloop: fix offsets[] size off-by-one 2014-04-01 13:59:47 +02:00
commit.c commit: Remove unused check 2013-12-20 16:26:16 +01:00
cow.c block: do not abuse EMEDIUMTYPE 2014-02-21 21:02:24 +01:00
curl.c curl: check data size before memcpy to local buffer. (CVE-2014-0144) 2014-04-01 14:19:09 +02:00
dmg.c bdrv: Use "Error" for opening images 2013-09-12 10:12:47 +02:00
gluster.c Fixed various typos 2014-03-25 14:09:50 +01:00
iscsi.c iscsi: Use bs->sg for everything else than disks 2014-03-05 16:58:20 +01:00
linux-aio.c aio: drop io_flush argument 2013-08-19 15:52:19 +02:00
mirror.c mirror: fix early wake from sleep due to aio 2014-03-25 14:09:50 +01:00
nbd-client.c nbd: close socket if connection breaks 2014-03-14 16:28:28 +01:00
nbd-client.h nbd: pass export name as init argument 2013-12-16 10:12:20 +01:00
nbd.c nbd: correctly propagate errors 2014-02-21 21:02:22 +01:00
nfs.c block/nfs: report errors from libnfs 2014-03-19 09:39:41 +01:00
parallels.c block: do not abuse EMEDIUMTYPE 2014-02-21 21:02:24 +01:00
qapi.c Use error_is_set() only when necessary 2014-02-17 11:57:23 -05:00
qcow.c Fixed various typos 2014-03-25 14:09:50 +01:00
qcow2-cache.c qcow2: Use negated overflow check mask 2013-10-11 16:50:00 +02:00
qcow2-cluster.c qcow2: Check bs->drv in copy_sectors() 2014-03-13 14:23:27 +01:00
qcow2-refcount.c qcow2: Check refcount table size (CVE-2014-0144) 2014-04-01 14:19:09 +02:00
qcow2-snapshot.c block: Don't throw away errno via error_setg 2014-02-14 18:05:38 +01:00
qcow2.c qcow2: Validate refcount table offset 2014-04-01 14:19:09 +02:00
qcow2.h qcow2: remove n_start and n_end of qcow2_alloc_cluster_offset() 2014-02-09 09:12:39 +01:00
qed-check.c qed: mark image clean after repair succeeds 2012-08-10 10:25:12 +02:00
qed-cluster.c Use glib memory allocation and free functions 2011-08-20 23:01:08 -05:00
qed-gencb.c Use glib memory allocation and free functions 2011-08-20 23:01:08 -05:00
qed-l2-cache.c qed: do not evict in-use L2 table cache entries 2012-03-12 15:14:06 +01:00
qed-table.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
qed.c block: Add error handling to bdrv_invalidate_cache() 2014-03-19 09:39:41 +01:00
qed.h block: qed - use QEMU_PACKED for on-disk structures 2013-09-25 20:51:15 +02:00
quorum.c block: Add error handling to bdrv_invalidate_cache() 2014-03-19 09:39:41 +01:00
raw-aio.h raw-posix: add support for write_zeroes on XFS and block devices 2013-12-03 15:26:49 +01:00
raw-posix.c block/raw-posix: Strip protocol prefix on creation 2014-03-13 14:42:25 +01:00
raw-win32.c block/raw-win32: bdrv_parse_filename() for hdev 2014-03-13 14:42:25 +01:00
raw_bsd.c Use error_is_set() only when necessary 2014-02-17 11:57:23 -05:00
rbd.c Use error_is_set() only when necessary 2014-02-17 11:57:23 -05:00
sheepdog.c Fixed various typos 2014-03-25 14:09:50 +01:00
snapshot.c Use error_is_set() only when necessary 2014-02-17 11:57:23 -05:00
ssh.c bdrv: Use "Error" for creating images 2013-09-12 10:12:48 +02:00
stream.c block: Update BlockLimits when they might have changed 2014-01-24 17:40:01 +01:00
vdi.c vdi: add bounds checks for blocks_in_image and disk_size header fields (CVE-2014-0144) 2014-04-01 14:06:31 +02:00
vhdx-endian.c block: vhdx - move more endian translations to vhdx-endian.c 2013-11-07 13:58:59 +01:00
vhdx-log.c Fixed various typos 2014-03-25 14:09:50 +01:00
vhdx.c vhdx: Bounds checking for block_size and logical_sector_size (CVE-2014-0148) 2014-04-01 14:19:09 +02:00
vhdx.h block: Explicitly specify 'unsigned long long' for VHDX 64-bit constants 2014-03-14 16:25:24 +01:00
vmdk.c block/vmdk: do not report file offset for compressed extents 2014-02-28 18:59:07 +01:00
vpc.c vpc: Validate block size (CVE-2014-0142) 2014-04-01 13:59:47 +02:00
vvfat.c vvfat: Fix :floppy: option to suppress partition table 2014-04-01 13:49:53 +02:00
win32-aio.c win32-aio: drop win32_aio_flush_cb() 2013-08-22 22:05:04 +02:00