Original Xbox Emulator for Windows, macOS, and Linux (Active Development)
Kevin Wolf 7159a45b2b qcow1: Check maximum cluster size
Huge values for header.cluster_bits cause unbounded allocations (e.g.
for s->cluster_cache) and crash qemu this way. Less huge values may
survive those allocations, but can cause integer overflows later on.

The only cluster sizes that qemu can create are 4k (for standalone
images) and 512 (for images with backing files), so we can limit it
to 64k.

Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
2014-05-19 11:36:49 +02:00
audio savevm: Remove all the unneeded version_minimum_id_old (rest) 2014-05-14 15:24:51 +02:00
backends build: convert some obj-specific CFLAGS to use new foo.o-cflags syntax 2014-05-08 15:27:49 +02:00
block qcow1: Check maximum cluster size 2014-05-19 11:36:49 +02:00
bsd-user Merge remote-tracking branch 'remotes/kvm/uq/master' into staging 2014-05-15 15:38:40 +01:00
default-configs usb: mtp filesharing 2014-04-23 10:28:14 +02:00
disas disas/libvixl: Update to libvixl 1.4 2014-05-13 16:09:35 +01:00
docs savevm: Remove all the unneeded version_minimum_id_old (rest) 2014-05-14 15:24:51 +02:00
dtc@bc895d6d09 dtc: add submodule 2013-04-18 13:50:53 +02:00
fpu softfloat: Introduce float32_to_uint64_round_to_zero 2014-04-08 11:20:00 +02:00
fsdev virtfs-proxy-helper: fix call to accept 2014-04-28 08:55:32 +04:00
gdb-xml target-arm: Support fp registers in gdb stub 2013-12-17 19:42:32 +00:00
hw virtio update 2014-05-15 18:01:47 +01:00
include qdict: Add qdict_join() 2014-05-19 11:36:48 +02:00
libcacard libcacard: remove libcacard-specific CFLAGS and LIBS from global vars 2014-05-09 22:59:40 +02:00
linux-headers linux-headers update 2014-04-25 12:59:57 +02:00
linux-user target-i386: the x86 CPL is stored in CS.selector - auto update hflags accordingly. 2014-05-13 13:12:40 +02:00
net trivial patches for 2014-04-28 2014-04-28 13:43:17 +01:00
pc-bios ipxe: update to current git 2014-05-15 14:24:05 +02:00
pixman@97336fad32 qapi: move include files to include/qobject/ 2012-12-19 08:31:31 +01:00
po po: add proper Language: tags to .po files 2014-04-28 08:55:32 +04:00
qapi Revert "qapi: Clean up superfluous null check in qapi_dealloc_type_str()" 2014-05-09 09:11:32 -04:00
qga qga: Drop superfluous error_is_set() 2014-05-09 09:11:31 -04:00
qobject qdict: Add qdict_join() 2014-05-19 11:36:48 +02:00
qom qerror.h: Remove QERR defines that are only used once 2014-04-25 09:19:59 -04:00
roms ipxe: update to current git 2014-05-15 14:24:05 +02:00
scripts Merge remote-tracking branch 'remotes/qmp-unstable/queue/qmp' into staging 2014-05-09 15:46:34 +01:00
slirp slirp: Remove default_mon usage 2014-04-25 09:19:58 -04:00
stubs qerror.h: Replace QERR_NOT_SUPPORTED with QERR_UNSUPPORTED 2014-04-25 09:19:59 -04:00
sysconfigs/target Eliminate cpus-x86_64.conf file 2012-09-21 15:12:58 +02:00
target-alpha savevm: Remove all the unneeded version_minimum_id_old (rest) 2014-05-14 15:24:51 +02:00
target-arm target-arm queue: 2014-05-15 16:24:12 +01:00
target-cris cputlb: Change tlb_set_page() argument to CPUState 2014-03-13 19:52:47 +01:00
target-i386 Merge remote-tracking branch 'remotes/kvm/uq/master' into staging 2014-05-15 15:38:40 +01:00
target-lm32 savevm: Remove all the unneeded version_minimum_id_old (rest) 2014-05-14 15:24:51 +02:00
target-m68k cputlb: Change tlb_set_page() argument to CPUState 2014-03-13 19:52:47 +01:00
target-microblaze microblaze: Respect the reset vector 2014-05-13 09:12:40 +10:00
target-mips target-mips: Avoid shifting left into sign bit 2014-03-27 19:22:49 +04:00
target-moxie savevm: Remove all the unneeded version_minimum_id_old (rest) 2014-05-14 15:24:51 +02:00
target-openrisc savevm: Remove all the unneeded version_minimum_id_old (rest) 2014-05-14 15:24:51 +02:00
target-ppc cpu: make CPU_INTERRUPT_RESET available on all targets 2014-05-13 13:21:51 +02:00
target-s390x kvm: reset state from the CPU's reset method 2014-05-13 13:12:40 +02:00
target-sh4 cputlb: Change tlb_set_page() argument to CPUState 2014-03-13 19:52:47 +01:00
target-sparc target-sparc: fix 32bit integer division overflow 2014-03-26 23:40:40 +00:00
target-unicore32 cputlb: Change tlb_set_page() argument to CPUState 2014-03-13 19:52:47 +01:00
target-xtensa cputlb: Change tlb_set_page() argument to CPUState 2014-03-13 19:52:47 +01:00
tcg tcg-s390: Implement direct chaining of TBs 2014-05-15 09:22:32 -07:00
tests qcow1: Check maximum cluster size 2014-05-19 11:36:49 +02:00
trace trace: [tracetool] Minimize the amount of per-backend code 2014-05-07 19:07:18 +02:00
ui build: convert some obj-specific CFLAGS to use new foo.o-cflags syntax 2014-05-08 15:27:49 +02:00
util savevm: Remove all the unneeded version_minimum_id_old (arm) 2014-05-13 16:09:35 +01:00
.exrc
.gitignore gitignore: cleanups #2 2014-04-28 08:55:31 +04:00
.gitmodules Add OpenHack'Ware submodule 2014-03-12 17:26:32 +01:00
.mailmap Update mailmap 2013-09-05 09:40:31 -05:00
.travis.yml .travis.yml: add IRC notifications for build failures 2014-03-15 13:54:18 +04:00
aio-posix.c aio: make aio_poll(ctx, true) block with no fds 2013-12-06 16:53:51 +01:00
aio-win32.c aio: make aio_poll(ctx, true) block with no fds 2013-12-06 16:53:51 +01:00
arch_init.c Split ram_save_block 2014-05-14 15:24:51 +02:00
async.c aio: add aio_context_acquire() and aio_context_release() 2014-03-13 14:42:24 +01:00
balloon.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
block-migration.c block: Handle error of bdrv_getlength in bdrv_create_dirty_bitmap 2014-04-22 11:57:02 +02:00
block.c block: Allow JSON filenames 2014-05-19 11:36:49 +02:00
blockdev-nbd.c nbd: use BlockDriverState refcnt 2013-09-06 15:25:08 +02:00
blockdev.c Merge remote-tracking branch 'remotes/qmp-unstable/queue/qmp' into staging 2014-04-28 12:56:34 +01:00
blockjob.c qerror.h: Replace QERR_NOT_SUPPORTED with QERR_UNSUPPORTED 2014-04-25 09:19:59 -04:00
bt-host.c sysemu: avoid proliferation of include/ subdirectories 2013-04-15 18:19:25 +02:00
bt-vhci.c sysemu: avoid proliferation of include/ subdirectories 2013-04-15 18:19:25 +02:00
Changelog Use qemu-project.org domain name 2013-10-11 09:34:56 -07:00
CODING_STYLE CODING_STYLE: Section about mixed declarations 2014-03-27 19:22:49 +04:00
configure tcg/s390 updates 2014-05-15 18:56:08 +01:00
COPYING
COPYING.LIB
coroutine-gthread.c do not call g_thread_init() for glib >= 2.31 2014-05-07 21:00:43 +04:00
coroutine-sigaltstack.c Merge remote-tracking branch 'kwolf/for-anthony' into staging 2013-02-26 07:44:39 -06:00
coroutine-ucontext.c Fix warnings suppressors to honor --disable-werror 2013-04-17 10:28:04 -05:00
coroutine-win32.c block: move include files to include/block/ 2012-12-19 08:31:31 +01:00
cpu-exec.c cpu: make CPU_INTERRUPT_RESET available on all targets 2014-05-13 13:21:51 +02:00
cpus.c savevm: Remove all the unneeded version_minimum_id_old (rest) 2014-05-14 15:24:51 +02:00
cputlb.c cputlb: Change tlb_set_page() argument to CPUState 2014-03-13 19:52:47 +01:00
device_tree.c device_tree: qemu_fdt_setprop: Rename val_array arg 2013-12-20 01:58:12 +01:00
device-hotplug.c machine: Remove QEMUMachine indirection from MachineClass 2014-05-05 19:08:49 +02:00
disas.c disas: Implement disassembly output for A64 2014-02-08 14:50:48 +00:00
dma-helpers.c dma-helpers: Initialize DMAAIOCB in_cancel flag 2014-04-04 19:36:39 +02:00
dump.c dump: Drop pointless error_is_set(), DumpState member errp 2014-05-09 09:11:32 -04:00
exec.c savevm: Remove all the unneeded version_minimum_id_old (rest) 2014-05-14 15:24:51 +02:00
gdbstub.c exec: Change cpu_breakpoint_{insert,remove{,_by_ref,_all}} argument 2014-03-13 19:20:48 +01:00
HACKING HACKING: Document vaddr type usage 2013-07-23 02:41:31 +02:00
hmp-commands.hx HMP: support specifying dump format for dump-guest-memory 2014-04-25 11:18:33 -04:00
hmp.c hmp: Guard against misuse of hmp_handle_error() 2014-05-09 09:11:31 -04:00
hmp.h monitor: Add device_add and device_del completion. 2014-04-25 09:37:12 -04:00
iohandler.c iohandler: switch to GPollFD 2013-02-21 16:17:31 -06:00
ioport.c portio: Allow to mark portio lists as coalesced MMIO flushing 2013-10-17 17:24:15 +02:00
iothread.c iothread: make IOThread struct definition public 2014-04-04 20:48:02 +02:00
kvm-all.c kvm: reset state from the CPU's reset method 2014-05-13 13:12:40 +02:00
kvm-stub.c machine: Replace QEMUMachine by MachineClass in accelerator configuration 2014-05-05 19:08:49 +02:00
LICENSE LICENSE: clarify 2013-08-12 09:15:12 -05:00
main-loop.c main-loop: Suppress "I/O thread spun" warnings for qtest 2014-03-13 21:36:50 +01:00
MAINTAINERS pc,net,MAINTAINERS,build updates 2014-05-07 17:16:03 +01:00
Makefile Merge remote-tracking branch 'remotes/bonzini/configure' into staging 2014-05-13 11:30:07 +01:00
Makefile.objs libcacard: remove libcacard-specific CFLAGS and LIBS from global vars 2014-05-09 22:59:40 +02:00
Makefile.target Makefile.target: use $(INSTALL_PROG) for installing, not $(INSTALL) 2014-05-08 15:09:04 +02:00
memory_mapping.c cpu: Use QTAILQ for CPU list 2013-09-03 12:25:55 +02:00
memory.c memory_region_present: return false if address is not found in child MemoryRegion 2014-03-09 21:09:37 +02:00
migration-exec.c aio / timers: Untangle include files 2013-08-22 19:10:27 +02:00
migration-fd.c aio / timers: Untangle include files 2013-08-22 19:10:27 +02:00
migration-rdma.c rdma: rename 'x-rdma' => 'rdma' 2014-02-25 14:30:28 +01:00
migration-tcp.c Coverity: Fix failure path for qemu_accept in migration 2014-05-05 22:15:03 +02:00
migration-unix.c Coverity: Fix failure path for qemu_accept in migration 2014-05-05 22:15:03 +02:00
migration.c migration: show average throughput when migration finishes 2014-05-14 15:24:52 +02:00
module-common.c module: implement module loading 2014-02-20 13:14:18 +01:00
monitor.c monitor: add Error-propagating monitor_handle_fd_param2() 2014-05-08 14:19:58 -04:00
nbd.c nbd: move socket wrappers to qemu-nbd 2014-02-21 21:02:23 +01:00
os-posix.c oslib-posix: Fix build on FreeBSD 2014-03-13 14:34:16 +00:00
os-win32.c util: Split out exec_dir from os_find_datadir 2014-02-20 13:12:54 +01:00
page_cache.c Fix two XBZRLE corruption issues 2014-02-25 14:30:28 +01:00
qapi-schema.json migration: expose xbzrle cache miss rate 2014-05-05 22:15:03 +02:00
qdev-monitor.c qdev: Fix crash by validating the object type 2014-05-05 19:08:49 +02:00
qdict-test-data.txt
qemu-bridge-helper.c qemu-bridge-helper: force usage of a very high MAC address for the bridge 2013-03-28 12:58:52 -05:00
qemu-char.c char: restore read callback on a reattached (hotplug) chardev 2014-03-13 10:33:45 +01:00
qemu-coroutine-io.c aio / timers: Untangle include files 2013-08-22 19:10:27 +02:00
qemu-coroutine-lock.c coroutine: remove qemu_co_queue_wait_insert_head 2013-12-02 17:11:49 +01:00
qemu-coroutine-sleep.c coroutine: add co_aio_sleep_ns() to allow sleep in block drivers 2013-10-30 12:22:09 +01:00
qemu-coroutine.c coroutine: add ./configure --disable-coroutine-pool 2013-09-12 10:12:48 +02:00
qemu-doc.texi doc: grammify "allows to" 2014-04-18 10:33:36 +04:00
qemu-file.c Make qemu_peek_buffer loop until it gets it's data 2014-05-05 22:15:03 +02:00
qemu-img-cmds.hx qemu-img: add -l for snapshot in convert 2013-12-04 15:19:00 +01:00
qemu-img.c Remove g_sequence_lookup from qemu-img help function 2014-05-19 11:36:48 +02:00
qemu-img.texi Describe flaws in qcow/qcow2 encryption in the docs 2014-01-31 22:05:03 +01:00
qemu-io-cmds.c qemu-io-cmds: Fixed typo in example for writev. 2014-03-19 09:39:41 +01:00
qemu-io.c block: Add errp to bdrv_new() 2014-04-22 12:00:20 +02:00
qemu-log.c qemu-log: default to stderr for logging output 2013-02-26 13:31:47 -06:00
qemu-nbd.c block: Add errp to bdrv_new() 2014-04-22 12:00:20 +02:00
qemu-nbd.texi qemu-nbd: add doc for option -f 2013-12-04 15:19:00 +01:00
qemu-options-wrapper.h
qemu-options.h
qemu-options.hx curl: Add usage documentation 2014-05-19 11:36:49 +02:00
qemu-seccomp.c seccomp: add shmctl(), mlock(), and munlock() to the syscall whitelist 2014-04-25 14:52:03 -03:00
qemu-tech.texi qemu-tech.texi: update implemented xtensa features list 2012-11-29 13:00:52 -06:00
qemu-timer.c vl.c: remove init_clocks call from main 2014-05-09 20:57:32 +02:00
qemu.nsi nsis: Improved support for parallel installation of 32 and 64 bit code 2013-11-07 07:02:44 +01:00
qemu.sasl sasl: Avoid 'Could not find keytab file' in syslog 2014-03-15 13:54:18 +04:00
qmp-commands.hx qmp: use valid JSON in transaction example 2014-05-09 09:11:32 -04:00
qmp.c qmp: Don't use error_is_set() to suppress additional errors 2014-05-09 09:11:32 -04:00
qtest.c machine: Replace QEMUMachine by MachineClass in accelerator configuration 2014-05-05 19:08:49 +02:00
README Use qemu-project.org domain name 2013-10-11 09:34:56 -07:00
rules.mak build: simplify and fix fix-obj-vars 2014-05-09 22:59:40 +02:00
savevm.c qerror.h: Remove QERR defines that are only used once 2014-04-25 09:19:59 -04:00
spice-qemu-char.c spice: hook qemu_chr_fe_set_open() event to ports 2014-02-03 11:05:15 +01:00
tcg-runtime.c tcg: Implement multiword multiply helpers 2013-02-23 17:25:28 +00:00
tci.c tci: Mask shift counts to avoid undefined behavior 2014-04-18 16:57:36 -07:00
thread-pool.c Add a 'name' parameter to qemu_thread_create 2014-03-09 21:09:38 +02:00
thunk.c exec: move include files to include/exec/ 2012-12-19 08:31:31 +01:00
tpm.c Use error_is_set() only when necessary 2014-02-17 11:57:23 -05:00
trace-events kvm: make one_reg helpers available for everyone 2014-05-13 13:11:08 +02:00
translate-all.c tcg: Define tcg_insn_unit for code pointers 2014-05-12 10:03:04 -07:00
translate-all.h translate-all: Change tb_check_watchpoint() argument to CPUState 2014-03-13 19:20:48 +01:00
user-exec.c tcg-aarch64: Properly detect SIGSEGV writes 2014-04-16 12:12:32 -04:00
VERSION Open 2.1 development tree 2014-04-17 20:39:32 +01:00
version.rc Use qemu-project.org domain name 2013-10-11 09:34:56 -07:00
vl.c vl.c: remove init_clocks call from main 2014-05-09 20:57:32 +02:00
vmstate.c savevm: Ignore minimum_version_id_old if there is no load_state_old 2014-05-05 22:15:03 +02:00
xbzrle.c xbzrle.c: Avoid undefined behaviour with signed arithmetic 2014-04-18 10:33:36 +04:00
xen-common-stub.c xen: factor out common functions 2014-05-07 16:16:43 +00:00
xen-common.c xen: factor out common functions 2014-05-07 16:16:43 +00:00
xen-hvm-stub.c xen: factor out common functions 2014-05-07 16:16:43 +00:00
xen-hvm.c pass an inclusive address range to xc_domain_pin_memory_cacheattr 2014-05-07 16:17:57 +00:00
xen-mapcache.c hw: move headers to include/ 2013-04-08 18:13:10 +02:00

Read the documentation in qemu-doc.html or on http://wiki.qemu-project.org

- QEMU team