xemu/tests/qemu-iotests
Stefan Hajnoczi f56b9bc3ae block/cloop: refuse images with bogus offsets (CVE-2014-0144)
The offsets[] array allows efficient seeking and tells us the maximum
compressed data size.  If the offsets are bogus the maximum compressed
data size will be unrealistic.

This could cause g_malloc() to abort and bogus offsets mean the image is
broken anyway.  Therefore we should refuse such images.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Max Reitz <mreitz@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-04-01 13:59:47 +02:00
..
2012-04-19 15:48:52 +02:00
2013-10-07 13:23:19 +02:00
2013-08-30 15:48:43 +02:00
2013-08-30 15:48:43 +02:00
2013-09-06 15:25:07 +02:00
041
2013-11-27 07:53:32 -08:00
2013-11-27 07:53:32 -08:00
056
2013-07-26 22:01:31 +02:00
2014-02-21 21:02:24 +01:00
062
2013-08-30 15:28:52 +02:00
2014-01-22 12:07:18 +01:00
077
2014-02-09 09:12:38 +01:00
2014-01-24 17:40:25 +01:00
2012-02-23 10:29:46 +01:00

=== This is the QEMU I/O test suite ===

* Intro

This package contains a simple test suite for the I/O layer of qemu.
It does not require a guest, but only the qemu, qemu-img and qemu-io
binaries.  This does limit it to exercise the low-level I/O path only
but no actual block drivers like ide, scsi or virtio.

* Usage

Just run ./check to run all tests for the raw image format, or ./check
-qcow2 to test the qcow2 image format.  The output of ./check -h explains
additional options to test further image formats or I/O methods.

* Feedback and patches

Please send improvements to the test suite, general feedback or just
reports of failing tests cases to qemu-devel@savannah.nongnu.org.