On 2017-11-01 16:42, Alberto Garcia wrote:
> Misc qcow2 corruption checks
>
> This series contains a few checks that prevent QEMU from crashing
> under some scenarios with corrupted qcow2 images.
>
> The first patch solves the crash reported here:
>
> https://bugs.launchpad.net/qemu/+bug/1728615
>
> And the others solve similar crashes that I detected in the process of
> fixing this one.
>
> Regards,
>
> Berto
There are two more cases which might need a check that the return value of an allocation function isn't 0:

The first is qcow2_alloc_bytes(), which has an assert(offset) after potentially setting offset = new_cluster (with new_cluster being the return value of alloc_clusters_noref()).

The second is qcow2_crypto_hdr_init_func(), which is simply missing a pre-write overlap check.

The rest (besides L2 table and refblock allocation) should be guarded by the pre-write overlap check.

Do you want to fix these or do we need another volunteer? :-)

Max
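The two failure modes Max describes (an allocator returning offset 0 from a corrupted refcount table, and a write path that lacks the pre-write overlap check), as an added toy model that is not QEMU's code; the model_* names, the 4 KiB cluster size and the in-memory image are assumptions made for the example.

```c
/* Toy model of the qcow2 allocation paths discussed above.
 * Added example, not QEMU code; every model_* name is an assumption. */
#include <errno.h>
#include <stdint.h>
#include <string.h>

#define CLUSTER_SIZE 4096
#define NB_CLUSTERS  4

/* Constructed in-memory image: cluster 0 holds the header ("QFI\xfb" magic)
 * and refcounts[] has one entry per cluster. A valid image always has
 * refcounts[0] != 0; a corrupted one may claim the header cluster is free. */
static uint8_t  image[NB_CLUSTERS * CLUSTER_SIZE];
static uint16_t refcounts[NB_CLUSTERS];

void model_reset(const uint16_t *rc) {
    memset(image, 0, sizeof image);
    memcpy(image, "QFI\xfb", 4);
    memcpy(refcounts, rc, sizeof refcounts);
}

/* Model of alloc_clusters_noref(): first cluster whose refcount is 0,
 * or -ENOSPC. It trusts the table, so corruption can make it return 0. */
int64_t model_alloc_clusters_noref(void) {
    for (size_t i = 0; i < NB_CLUSTERS; i++)
        if (refcounts[i] == 0) return (int64_t)(i * CLUSTER_SIZE);
    return -ENOSPC;
}

/* Unguarded qcow2_alloc_bytes()-style path: hands back offset 0 as-is
 * (the real code reaches assert(offset) there and aborts QEMU). */
int64_t model_alloc_bytes_unguarded(void) { return model_alloc_clusters_noref(); }

/* Guarded path: offset 0 can only mean a corrupt refcount table,
 * so report -EIO instead of asserting. */
int64_t model_alloc_bytes_guarded(void) {
    int64_t off = model_alloc_clusters_noref();
    return off == 0 ? -EIO : off;
}

/* Model of the pre-write overlap check plus the write itself: a write
 * landing in the header cluster is a metadata overlap and is refused. */
int model_write(int64_t offset, const void *buf, size_t len) {
    if (offset < 0) return (int)offset;       /* propagate allocator error */
    if (offset < CLUSTER_SIZE) return -EIO;   /* overlaps the header */
    memcpy(image + offset, buf, len);
    return 0;
}

int model_header_intact(void) { return memcmp(image, "QFI\xfb", 4) == 0; }
```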