SYS-OSS/FRET-qemu
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Pull request

Browse Source 
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEhpWov9P5fNqsNXdanKSrs4Grc8gFAmeb4h0ACgkQnKSrs4Gr
 c8jqngf/WC+QeP9FPTp0yYF7+W25OrOejMpvCggfZAXCoTs1ruApab0OrYYQFFyb
 iJUece0p4hvcrbxScyCWyHn9g2BDnQGGXAjTIzGzZ56sNdySMYB4XdZ1UeikQwh8
 gHwWAb5G0x5Q2P8LMp3xVkbceeiw+WfiE/KiKsjio3OfBGoOC32LEdC6+QvOw2hs
 Q5mnHUZG4I1YXMkJQh7M/BF4oE+weKMhD2IHrZtRPygjsK6Zv99J8W7yLa2HeSVz
 So5vzYV+2A4FOdomSn9iExNb16jImV2Zl5tIAe60hVQ6fvMT0OCCWmQtgUi78MDK
 bnp+VWj8a0Rm2vJeWX54pu0b6vo1Vg==
 =NOSK
 -----END PGP SIGNATURE-----

Merge tag 'block-pull-request' of https://gitlab.com/stefanha/qemu into staging

Pull request

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEEhpWov9P5fNqsNXdanKSrs4Grc8gFAmeb4h0ACgkQnKSrs4Gr
# c8jqngf/WC+QeP9FPTp0yYF7+W25OrOejMpvCggfZAXCoTs1ruApab0OrYYQFFyb
# iJUece0p4hvcrbxScyCWyHn9g2BDnQGGXAjTIzGzZ56sNdySMYB4XdZ1UeikQwh8
# gHwWAb5G0x5Q2P8LMp3xVkbceeiw+WfiE/KiKsjio3OfBGoOC32LEdC6+QvOw2hs
# Q5mnHUZG4I1YXMkJQh7M/BF4oE+weKMhD2IHrZtRPygjsK6Zv99J8W7yLa2HeSVz
# So5vzYV+2A4FOdomSn9iExNb16jImV2Zl5tIAe60hVQ6fvMT0OCCWmQtgUi78MDK
# bnp+VWj8a0Rm2vJeWX54pu0b6vo1Vg==
# =NOSK
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 30 Jan 2025 15:33:33 EST
# gpg:                using RSA key 8695A8BFD3F97CDAAC35775A9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" [ultimate]
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>" [ultimate]
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* tag 'block-pull-request' of https://gitlab.com/stefanha/qemu:
  parallels: fix ext_off assertion failure due to overflow

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
This commit is contained in:
Stefan Hajnoczi 2025-02-02 11:09:10 -05:00
commit 6fccaa2fba
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
block/parallels.c
View File

@ -1298,6 +1298,10 @@ static int parallels_open(BlockDriverState *bs, QDict *options, int flags,
error_setg(errp, "Catalog too large");
return -EFBIG;
}
if (le64_to_cpu(ph.ext_off) >= (INT64_MAX >> BDRV_SECTOR_BITS)) {
error_setg(errp, "Invalid image: Too big offset");
return -EFBIG;
}
size = bat_entry_off(s->bat_size);
s->header_size = ROUND_UP(size, bdrv_opt_mem_align(bs->file->bs));