summary refs log tree commit diff
path: root/seccomp
diff options
context:
space:
mode:
authorDylan Reid <dgreid@chromium.org>2019-07-23 19:51:33 -0700
committerCommit Bot <commit-bot@chromium.org>2019-07-31 09:37:34 +0000
commit969a0b49ff0a9afbca18230181542bbe7e06b8f7 (patch)
treed28210921833011d1e06e6035817fc9eb0a8335e /seccomp
parenta08e40bf8130ebf215ca4b0724410bd0c964bc41 (diff)
downloadcrosvm-969a0b49ff0a9afbca18230181542bbe7e06b8f7.tar
crosvm-969a0b49ff0a9afbca18230181542bbe7e06b8f7.tar.gz
crosvm-969a0b49ff0a9afbca18230181542bbe7e06b8f7.tar.bz2
crosvm-969a0b49ff0a9afbca18230181542bbe7e06b8f7.tar.lz
crosvm-969a0b49ff0a9afbca18230181542bbe7e06b8f7.tar.xz
crosvm-969a0b49ff0a9afbca18230181542bbe7e06b8f7.tar.zst
crosvm-969a0b49ff0a9afbca18230181542bbe7e06b8f7.zip
qcow: bounds check the refcount table offset and size
If the header puts the refcount table outside the file size or if it
specifies a table much larger than needed, fail to open the file.

These might not be hard qcow errors, but they are situations that crosvm
will never encounter.

BUG=986061
TEST=fuzzer with new test cases completes in less than 5 seconds.

Signed-off-by: Dylan Reid <dgreid@chromium.org>
Change-Id: If048c96f6255ca81740e20f3f4eb7669467dbb7b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1716365
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Diffstat (limited to 'seccomp')
0 files changed, 0 insertions, 0 deletions
 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-17 00:56:33 +0000