falso
/
qemu-irix
mirror of https://github.com/n64decomp/qemu-irix.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
qemu-irix/block
History
Jeff Cody 37173f54b7 vdi: add bounds checks for blocks_in_image and disk_size header fields (CVE-2014-0144) 
The maximum blocks_in_image is 0xffffffff / 4, which also limits the
maximum disk_size for a VDI image to 1024TB.  Note that this is the maximum
size that QEMU will currently support with this driver, not necessarily the
maximum size allowed by the image format.

This also fixes an incorrect error message, a bug introduced by commit
5b7aa9b56d (Reported by Stefan Weil)

Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
(cherry picked from commit 63fa06dc97)

Conflicts:
	block/vdi.c

*modified to retain 1.7's usage of logout() over error_setg()

Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
 		2014-07-03 16:18:11 -05:00
..
Makefile.objs block: vhdx - log parsing, replay, and flush support 2013-11-07 13:58:58 +01:00
backup.c qapi: make use of new BlockJobType 2013-10-11 10:52:54 +02:00
blkdebug.c blkdebug: Employ error parameter 2013-10-11 16:50:00 +02:00
blkverify.c blkverify: Employ error parameter 2013-10-11 16:50:00 +02:00
bochs.c bochs: Fix bitmap offset calculation 2014-07-03 16:18:11 -05:00
cloop.c block/cloop: fix offsets[] size off-by-one 2014-07-03 16:18:10 -05:00
commit.c qapi: make use of new BlockJobType 2013-10-11 10:52:54 +02:00
cow.c block: Error parameter for create functions 2013-09-12 10:12:48 +02:00
curl.c block/curl: Implement the libcurl timer callback interface 2014-02-21 00:34:40 -06:00
dmg.c bdrv: Use "Error" for opening images 2013-09-12 10:12:47 +02:00
gluster.c block: introduce BlockDriver.bdrv_needs_filename to enable some drivers. 2013-09-25 16:21:28 +02:00
iscsi.c block/iscsi: fix deadlock on scsi check condition 2014-06-25 11:08:29 -05:00
linux-aio.c aio: drop io_flush argument 2013-08-19 15:52:19 +02:00
mirror.c mirror: fix early wake from sleep due to aio 2014-06-25 15:26:29 -05:00
nbd.c bdrv: Use "Error" for opening images 2013-09-12 10:12:47 +02:00
parallels.c bdrv: Use "Error" for opening images 2013-09-12 10:12:47 +02:00
qapi.c block/qapi: Human-readable ImageInfoSpecific dump 2013-10-11 10:52:54 +02:00
qcow.c block: Error parameter for create functions 2013-09-12 10:12:48 +02:00
qcow2-cache.c qcow2: Use negated overflow check mask 2013-10-11 16:50:00 +02:00
qcow2-cluster.c qcow2: fix possible corruption when reading multiple clusters 2013-11-14 13:09:07 +01:00
qcow2-refcount.c qcow2: Make overlap check mask variable 2013-10-11 16:50:00 +02:00
qcow2-snapshot.c qcow2: Use negated overflow check mask 2013-10-11 16:50:00 +02:00
qcow2.c block: Use BDRV_O_NO_BACKING where appropriate 2014-06-25 16:33:46 -05:00
qcow2.h qcow2: Add more overlap check bitmask macros 2013-10-11 16:50:00 +02:00
qed-check.c qed: mark image clean after repair succeeds 2012-08-10 10:25:12 +02:00
qed-cluster.c
qed-gencb.c
qed-l2-cache.c qed: do not evict in-use L2 table cache entries 2012-03-12 15:14:06 +01:00
qed-table.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
qed.c block: Error parameter for create functions 2013-09-12 10:12:48 +02:00
qed.h block: qed - use QEMU_PACKED for on-disk structures 2013-09-25 20:51:15 +02:00
raw-aio.h block: make discard asynchronous 2013-01-15 10:03:47 +01:00
raw-posix.c block: Print its file name if backing file opening failed 2013-11-14 13:09:06 +01:00
raw-win32.c block: Print its file name if backing file opening failed 2013-11-14 13:09:06 +01:00
raw_bsd.c block: Avoid unecessary drv->bdrv_getlength() calls 2013-10-29 13:10:26 +01:00
rbd.c rbd: avoid qemu_rbd_snap_list() memory leaks 2013-09-25 16:22:00 +02:00
sheepdog.c sheepdog: check simultaneous create in resend_aioreq 2013-10-30 12:22:24 +01:00
snapshot.c bdrv: Use "Error" for opening images 2013-09-12 10:12:47 +02:00
ssh.c bdrv: Use "Error" for creating images 2013-09-12 10:12:48 +02:00
stream.c qapi: make use of new BlockJobType 2013-10-11 10:52:54 +02:00
vdi.c vdi: add bounds checks for blocks_in_image and disk_size header fields (CVE-2014-0144) 2014-07-03 16:18:11 -05:00
vhdx-endian.c block: vhdx - move more endian translations to vhdx-endian.c 2013-11-07 13:58:59 +01:00
vhdx-log.c block: vhdx - add log write support 2013-11-07 13:58:59 +01:00
vhdx.c block: vhdx - add .bdrv_create() support 2013-11-07 13:58:59 +01:00
vhdx.h block: vhdx - add .bdrv_create() support 2013-11-07 13:58:59 +01:00
vmdk.c block: Use BDRV_O_NO_BACKING where appropriate 2014-06-25 16:33:46 -05:00
vpc.c vpc: Validate block size (CVE-2014-0142) 2014-07-03 16:18:11 -05:00
vvfat.c block: Error parameter for create functions 2013-09-12 10:12:48 +02:00
win32-aio.c win32-aio: drop win32_aio_flush_cb() 2013-08-22 22:05:04 +02:00