Home
last modified time | relevance | path

Searched hist:"46485 de0" (Results 1 – 3 of 3) sorted by relevance

/openbmc/qemu/tests/qemu-iotests/
H A D092.out46485de0 Thu May 08 06:08:20 CDT 2014 Kevin Wolf <kwolf@redhat.com> qcow1: Validate image size (CVE-2014-0223)

A huge image size could cause s->l1_size to overflow. Make sure that
images never require a L1 table larger than what fits in s->l1_size.

This cannot only cause unbounded allocations, but also the allocation of
a too small L1 table, resulting in out-of-bounds array accesses (both
reads and writes).

Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
H A D09246485de0 Thu May 08 06:08:20 CDT 2014 Kevin Wolf <kwolf@redhat.com> qcow1: Validate image size (CVE-2014-0223)

A huge image size could cause s->l1_size to overflow. Make sure that
images never require a L1 table larger than what fits in s->l1_size.

This cannot only cause unbounded allocations, but also the allocation of
a too small L1 table, resulting in out-of-bounds array accesses (both
reads and writes).

Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
/openbmc/qemu/block/
H A Dqcow.c46485de0 Thu May 08 06:08:20 CDT 2014 Kevin Wolf <kwolf@redhat.com> qcow1: Validate image size (CVE-2014-0223)

A huge image size could cause s->l1_size to overflow. Make sure that
images never require a L1 table larger than what fits in s->l1_size.

This cannot only cause unbounded allocations, but also the allocation of
a too small L1 table, resulting in out-of-bounds array accesses (both
reads and writes).

Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>