diff options
author | Dylan Reid <dgreid@chromium.org> | 2019-07-23 19:51:33 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2019-07-31 09:37:34 +0000 |
commit | 969a0b49ff0a9afbca18230181542bbe7e06b8f7 (patch) | |
tree | d28210921833011d1e06e6035817fc9eb0a8335e /seccomp | |
parent | a08e40bf8130ebf215ca4b0724410bd0c964bc41 (diff) | |
download | crosvm-969a0b49ff0a9afbca18230181542bbe7e06b8f7.tar crosvm-969a0b49ff0a9afbca18230181542bbe7e06b8f7.tar.gz crosvm-969a0b49ff0a9afbca18230181542bbe7e06b8f7.tar.bz2 crosvm-969a0b49ff0a9afbca18230181542bbe7e06b8f7.tar.lz crosvm-969a0b49ff0a9afbca18230181542bbe7e06b8f7.tar.xz crosvm-969a0b49ff0a9afbca18230181542bbe7e06b8f7.tar.zst crosvm-969a0b49ff0a9afbca18230181542bbe7e06b8f7.zip |
qcow: bounds check the refcount table offset and size
If the header puts the refcount table outside the file size or if it specifies a table much larger than needed, fail to open the file. These might not be hard qcow errors, but they are situations that crosvm will never encounter. BUG=986061 TEST=fuzzer with new test cases completes in less than 5 seconds. Signed-off-by: Dylan Reid <dgreid@chromium.org> Change-Id: If048c96f6255ca81740e20f3f4eb7669467dbb7b Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1716365 Reviewed-by: Daniel Verkamp <dverkamp@chromium.org> Tested-by: kokoro <noreply+kokoro@google.com>
Diffstat (limited to 'seccomp')
0 files changed, 0 insertions, 0 deletions