bochs: Check extent_size header field (CVE-2014-0142)

This fixes two possible division by zero crashes: In bochs_open() and in seek_to_sector(). Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
author: Kevin Wolf <kwolf@redhat.com> 2014-03-26 13:05:34 +0100
committer: Stefan Hajnoczi <stefanha@redhat.com> 2014-04-01 13:59:47 +0200
commit: 8e53abbc20d08ae3ec30c2054e1161314ad9501d (patch)
tree: bddf225073fc61d129d292b9300e40d9526037fa /tests/qemu-iotests/078.out
parent: e3737b820b45e54b059656dc3f914f895ac7a88b (diff)
download: hqemu-8e53abbc20d08ae3ec30c2054e1161314ad9501d.zip
hqemu-8e53abbc20d08ae3ec30c2054e1161314ad9501d.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/tests/qemu-iotests/078.out b/tests/qemu-iotests/078.out
index 7254693..ea95ffd 100644
--- a/tests/qemu-iotests/078.out
+++ b/tests/qemu-iotests/078.out
@@ -15,4 +15,12 @@ no file open, try 'help open'
 == Too small catalog bitmap for image size ==
 qemu-io: can't open device TEST_DIR/empty.bochs: Catalog size is too small for this disk size
 no file open, try 'help open'
+
+== Negative extent size ==
+qemu-io: can't open device TEST_DIR/empty.bochs: Extent size 4294967295 is too large
+no file open, try 'help open'
+
+== Zero extent size ==
+qemu-io: can't open device TEST_DIR/empty.bochs: Extent size may not be zero
+no file open, try 'help open'
 *** done
author	Kevin Wolf <kwolf@redhat.com>	2014-03-26 13:05:34 +0100
committer	Stefan Hajnoczi <stefanha@redhat.com>	2014-04-01 13:59:47 +0200
commit	8e53abbc20d08ae3ec30c2054e1161314ad9501d (patch)
tree	bddf225073fc61d129d292b9300e40d9526037fa /tests/qemu-iotests/078.out
parent	e3737b820b45e54b059656dc3f914f895ac7a88b (diff)
download	hqemu-8e53abbc20d08ae3ec30c2054e1161314ad9501d.zip hqemu-8e53abbc20d08ae3ec30c2054e1161314ad9501d.tar.gz