OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
8c7de28305
qemu-e2k/block
History
Kevin Wolf 8c7de28305 qcow2: Validate refcount table offset 
The end of the refcount table must not exceed INT64_MAX so that integer
overflows are avoided.

Also check for misaligned refcount table. Such images are invalid and
probably the result of data corruption. Error out to avoid further
corruption.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-04-01 14:19:09 +02:00
..
backup.c
blkdebug.c
blkverify.c block: Rewrite the snapshot authorization mechanism for block filters. 2014-03-13 14:23:27 +01:00
bochs.c bochs: Fix bitmap offset calculation 2014-04-01 13:59:47 +02:00
cloop.c block/cloop: fix offsets[] size off-by-one 2014-04-01 13:59:47 +02:00
commit.c
cow.c
curl.c curl: check data size before memcpy to local buffer. (CVE-2014-0144) 2014-04-01 14:19:09 +02:00
dmg.c
gluster.c Fixed various typos 2014-03-25 14:09:50 +01:00
iscsi.c iscsi: Use bs->sg for everything else than disks 2014-03-05 16:58:20 +01:00
linux-aio.c
Makefile.objs
mirror.c mirror: fix early wake from sleep due to aio 2014-03-25 14:09:50 +01:00
nbd-client.c nbd: close socket if connection breaks 2014-03-14 16:28:28 +01:00
nbd-client.h
nbd.c
nfs.c block/nfs: report errors from libnfs 2014-03-19 09:39:41 +01:00
parallels.c
qapi.c
qcow2-cache.c
qcow2-cluster.c qcow2: Check bs->drv in copy_sectors() 2014-03-13 14:23:27 +01:00
qcow2-refcount.c qcow2: Check refcount table size (CVE-2014-0144) 2014-04-01 14:19:09 +02:00
qcow2-snapshot.c
qcow2.c qcow2: Validate refcount table offset 2014-04-01 14:19:09 +02:00
qcow2.h
qcow.c Fixed various typos 2014-03-25 14:09:50 +01:00
qed-check.c
qed-cluster.c
qed-gencb.c
qed-l2-cache.c
qed-table.c
qed.c block: Add error handling to bdrv_invalidate_cache() 2014-03-19 09:39:41 +01:00
qed.h
quorum.c block: Add error handling to bdrv_invalidate_cache() 2014-03-19 09:39:41 +01:00
raw_bsd.c
raw-aio.h
raw-posix.c block/raw-posix: Strip protocol prefix on creation 2014-03-13 14:42:25 +01:00
raw-win32.c block/raw-win32: bdrv_parse_filename() for hdev 2014-03-13 14:42:25 +01:00
rbd.c
sheepdog.c Fixed various typos 2014-03-25 14:09:50 +01:00
snapshot.c
ssh.c
stream.c
vdi.c vdi: add bounds checks for blocks_in_image and disk_size header fields (CVE-2014-0144) 2014-04-01 14:06:31 +02:00
vhdx-endian.c
vhdx-log.c Fixed various typos 2014-03-25 14:09:50 +01:00
vhdx.c vhdx: Bounds checking for block_size and logical_sector_size (CVE-2014-0148) 2014-04-01 14:19:09 +02:00
vhdx.h block: Explicitly specify 'unsigned long long' for VHDX 64-bit constants 2014-03-14 16:25:24 +01:00
vmdk.c
vpc.c vpc: Validate block size (CVE-2014-0142) 2014-04-01 13:59:47 +02:00
vvfat.c vvfat: Fix :floppy: option to suppress partition table 2014-04-01 13:49:53 +02:00
win32-aio.c