On 2018-08-16 04:17, Eric Blake wrote:
> On 08/15/2018 09:03 PM, Max Reitz wrote:
>
>>> @@ -4559,19 +4559,23 @@ static int img_dd(int argc, char **argv)
>>> goto out;
>>> }
>>>
>>> + /* Overflow means the specified offset is beyond input image's
>>> size */
>>> + if (dd.flags
On 08/15/2018 09:03 PM, Max Reitz wrote:
@@ -4559,19 +4559,23 @@ static int img_dd(int argc, char **argv)
goto out;
}
+/* Overflow means the specified offset is beyond input image's size */
+if (dd.flags & C_SKIP && (in.offset > INT64_MAX / in.bsz ||
+
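Review bot: the added condition divides by in.bsz in `in.offset > INT64_MAX / in.bsz`, and nothing in the visible context shows that in.bsz has already been checked to be positive. If the bs= parsing does not guarantee that, this is a division by zero on a user-supplied value, so either guard it here or note the invariant in the comment. As a style point, `dd.flags & C_SKIP && (` relies on `&` binding tighter than `&&`; writing `(dd.flags & C_SKIP) && (...)` makes the intent explicit.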
On 2018-08-15 04:56, Eric Blake wrote:
> When both skip= and count= are active, qemu-img dd was not copying
> enough data. It didn't help that the code made the same check for
> dd.flags & C_SKIP in two separate places. Compute 'size' as the
> amount of bytes to be read, and 'end' as the offset to
When both skip= and count= are active, qemu-img dd was not copying
enough data. It didn't help that the code made the same check for
dd.flags & C_SKIP in two separate places. Compute 'size' as the
amount of bytes to be read, and 'end' as the offset to end at,
rather than trying to cram both meaning
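Added example, not part of the thread and not qemu-img code: a stand-alone C function for the range computation the commit message describes, keeping 'size' (bytes to read) separate from 'end' (offset to stop at) and using the overflow test shown in the hunk. The name `dd_range`, its parameters, and the choice to return an empty range at the end of the image when skip= is too large are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical helper (not from qemu-img): given the input image size in
 * bytes, the block size, and skip=/count= in blocks, compute the byte range
 * [*start, *end) to copy. has_count is false when count= was not given.
 * Returns false for invalid arguments. */
bool dd_range(int64_t image_size, int64_t bsz, int64_t skip,
              bool has_count, int64_t count,
              int64_t *start, int64_t *end)
{
    int64_t size;

    /* Reject bsz <= 0 first: every division below relies on it. */
    if (image_size < 0 || bsz <= 0 || skip < 0 || count < 0) {
        return false;
    }
    /* If skip * bsz would overflow int64_t, the offset is necessarily past
     * the end of any image. The multiplication on the right is evaluated
     * only when the left-hand test has ruled overflow out. */
    if (skip > INT64_MAX / bsz || skip * bsz > image_size) {
        *start = *end = image_size;    /* nothing to read */
        return true;
    }
    *start = skip * bsz;
    size = image_size - *start;        /* bytes available after the skip */
    /* count= caps the number of bytes read, not the end offset. A
     * count * bsz that would overflow exceeds anything available, so it
     * caps nothing. */
    if (has_count && count <= INT64_MAX / bsz && count * bsz < size) {
        size = count * bsz;
    }
    *end = *start + size;              /* cannot overflow: end <= image_size */
    return true;
}
```

With a 10240-byte image, bs=512, skip=4 and count=8, the range is 2048 to 6144: all 4096 requested bytes, because the end offset is start plus size rather than count times the block size.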