From: Alexander Graf <agraf@suse.de>
To: qemu-ppc@nongnu.org
Cc: qemu-devel Developers <qemu-devel@nongnu.org>,
Blue Swirl <blauwirbel@gmail.com>,
Aurelien Jarno <aurelien@aurel32.net>,
David Gibson <david@gibson.dropbear.id.au>
Subject: [Qemu-devel] [PATCH 15/26] load_image_targphys() should enforce the max size
Date: Sat, 21 Jan 2012 05:19:00 +0100 [thread overview]
Message-ID: <1327119551-29674-16-git-send-email-agraf@suse.de> (raw)
In-Reply-To: <1327119551-29674-1-git-send-email-agraf@suse.de>
From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
load_image_targphys() gets passed a max size for the file, but doesn't
enforce it at all. Add a check and return -1 (error) if the file is
too big, without loading it. Fix the bracing style in the function
while we're at it.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
---
hw/loader.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/hw/loader.c b/hw/loader.c
index 446b628..415cdce 100644
--- a/hw/loader.c
+++ b/hw/loader.c
@@ -108,8 +108,12 @@ int load_image_targphys(const char *filename,
int size;
size = get_image_size(filename);
- if (size > 0)
+ if (size > max_sz) {
+ return -1;
+ }
+ if (size > 0) {
rom_add_file_fixed(filename, addr, -1);
+ }
return size;
}
--
1.6.0.2
next prev parent reply other threads:[~2012-01-21 4:19 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-21 4:18 [Qemu-devel] [PULL 00/26] ppc patch queue 2012-01-21 Alexander Graf
2012-01-21 4:18 ` [Qemu-devel] [PATCH 01/26] PPC: 440EP: Initialize timer Alexander Graf
2012-01-21 4:18 ` [Qemu-devel] [PATCH 02/26] PPC: Bamboo: Register CPU reset Alexander Graf
2012-01-21 4:18 ` [Qemu-devel] [PATCH 03/26] PPC: Bamboo: Set initial TLB entry Alexander Graf
2012-01-21 4:18 ` [Qemu-devel] [PATCH 04/26] PPC: 440: Ignore invalid PCI IRQs Alexander Graf
2012-01-21 4:18 ` [Qemu-devel] [PATCH 05/26] PPC: Bamboo: recompile device tree Alexander Graf
2012-01-21 4:18 ` [Qemu-devel] [PATCH 06/26] PPC: 440: Default to 440EP CPU Alexander Graf
2012-01-21 4:18 ` [Qemu-devel] [PATCH 07/26] PPC: Enable 440EP CPU target Alexander Graf
2012-01-21 4:18 ` [Qemu-devel] [PATCH 08/26] PPC: bamboo: remove old machine descriptions Alexander Graf
2012-01-21 4:18 ` [Qemu-devel] [PATCH 09/26] PPC: bamboo: fix whitespace Alexander Graf
2012-01-21 4:18 ` [Qemu-devel] [PATCH 10/26] PPC: 4xx: Qdevify the 440 PCI host controller Alexander Graf
2012-01-21 4:18 ` [Qemu-devel] [PATCH 11/26] PPC: Bamboo: fold ppc440.c and ppc440_bamboo.c into a single file Alexander Graf
2012-01-21 4:18 ` [Qemu-devel] [PATCH 12/26] PPC: Bamboo: Integrate SoC instatiation, use qdev for PCI Alexander Graf
2012-01-21 4:18 ` [Qemu-devel] [PATCH 13/26] virtio-pci: Fix endianness of virtio config Alexander Graf
2012-01-21 4:18 ` [Qemu-devel] [PATCH 14/26] virtio: change memcpy to guest reads Alexander Graf
2012-01-21 4:19 ` Alexander Graf [this message]
2012-01-21 4:19 ` [Qemu-devel] [PATCH 16/26] Fix dirty logging with 32-bit qemu & 64-bit guests Alexander Graf
2012-01-21 4:19 ` [Qemu-devel] [PATCH 17/26] Update gitignore file Alexander Graf
2012-01-21 4:19 ` [Qemu-devel] [PATCH 18/26] Correct types in bmdma_addr_{read, write} Alexander Graf
2012-01-21 4:19 ` [Qemu-devel] [PATCH 19/26] pseries: Support PCI extended config space in RTAS calls Alexander Graf
2012-01-21 4:19 ` [Qemu-devel] [PATCH 20/26] pseries: Use correct dispatcher for PCI config space accesses Alexander Graf
2012-01-21 4:19 ` [Qemu-devel] [PATCH 21/26] pseries: SLOF PCI flag day Alexander Graf
2012-01-21 4:19 ` [Qemu-devel] [PATCH 22/26] MAINTAINERS: Add qemu-ppc to all ppc target stuff Alexander Graf
2012-01-21 7:22 ` Andreas Färber
2012-01-21 4:19 ` [Qemu-devel] [PATCH 23/26] MAINTAINERS: Add PCI host bridge files to CHRP machines Alexander Graf
2012-01-21 4:19 ` [Qemu-devel] [PATCH 24/26] PPC: Pseries: Check for PCI boundaries Alexander Graf
2012-01-21 4:19 ` [Qemu-devel] [PATCH 25/26] MAINTAINERS: Add PCI-PCI bridge to New World Mac machine Alexander Graf
2012-01-21 4:19 ` [Qemu-devel] [PATCH 26/26] grackle_pci: Clean up qdev names Alexander Graf
2012-01-21 20:02 ` [Qemu-devel] [PULL 00/26] ppc patch queue 2012-01-21 Blue Swirl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1327119551-29674-16-git-send-email-agraf@suse.de \
--to=agraf@suse.de \
--cc=aurelien@aurel32.net \
--cc=blauwirbel@gmail.com \
--cc=david@gibson.dropbear.id.au \
--cc=qemu-devel@nongnu.org \
--cc=qemu-ppc@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).