]> git.ipfire.org Git - thirdparty/qemu.git/commit
projects / thirdparty / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d99c4e2) | patch
qcow2: Check maximum L1 size in qcow2_snapshot_load_tmp() (CVE-2014-0143)
authorKevin Wolf <kwolf@redhat.com>
Wed, 26 Mar 2014 12:06:06 +0000 (13:06 +0100)
committerMichael Roth <mdroth@linux.vnet.ibm.com>
Thu, 3 Jul 2014 21:31:28 +0000 (16:31 -0500)
commitcfa8008cc01ed811a5c2aca30af44e7d4ece97e6
treed6eda8491374e15c19c5d2fd0a78a87542495abetree
parentd99c4e2d857fbd5e95bf61971d59eb10499289c0commit | diff
qcow2: Check maximum L1 size in qcow2_snapshot_load_tmp() (CVE-2014-0143)

This avoids an unbounded allocation.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
(cherry picked from commit 6a83f8b5bec6f59e56cc49bd49e4c3f8f805d56f)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
block/qcow2-snapshot.c diff | blob | blame | history
block/qcow2.c diff | blob | blame | history
block/qcow2.h diff | blob | blame | history
tests/qemu-iotests/080 diff | blob | blame | history
tests/qemu-iotests/080.out diff | blob | blame | history
Mirror of https://git.qemu.org/git/qemu.git