qemu-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-commits] [COMMIT c1e950c] Improve block range checks


From: Anthony Liguori
Subject: [Qemu-commits] [COMMIT c1e950c] Improve block range checks
Date: Fri, 08 May 2009 21:05:43 -0000

From: Kevin Wolf <address@hidden>

This patch makes the range checks for block requests more strict: It fixes a
potential integer overflow and checks for negative offsets. Also, it adds the
check for compressed writes.

Signed-off-by: Kevin Wolf <address@hidden>
Signed-off-by: Anthony Liguori <address@hidden>

diff --git a/block.c b/block.c
index 3d1223d..acb8976 100644
--- a/block.c
+++ b/block.c
@@ -578,7 +578,10 @@ static int bdrv_check_byte_request(BlockDriverState *bs, 
int64_t offset,
 
     len = bdrv_getlength(bs);
 
-    if ((offset + size) > len)
+    if (offset < 0)
+        return -EIO;
+
+    if ((offset > len) || (len - offset < size))
         return -EIO;
 
     return 0;
@@ -1150,6 +1153,8 @@ int bdrv_write_compressed(BlockDriverState *bs, int64_t 
sector_num,
         return -ENOMEDIUM;
     if (!drv->bdrv_write_compressed)
         return -ENOTSUP;
+    if (bdrv_check_request(bs, sector_num, nb_sectors))
+        return -EIO;
     return drv->bdrv_write_compressed(bs, sector_num, buf, nb_sectors);
 }
 




reply via email to

[Prev in Thread] Current Thread [Next in Thread]