Date: Thu, 4 Dec 2014 07:13:08 +0800
From: Fam Zheng
Message-ID: <20141203231308.GB22739@ad.nay.redhat.com>
References: <1417602521-14482-1-git-send-email-famz@redhat.com> <1417602521-14482-5-git-send-email-famz@redhat.com> <547F1B92.5080107@redhat.com>
In-Reply-To: <547F1B92.5080107@redhat.com>
Subject: Re: [Qemu-devel] [PATCH v3 4/6] vmdk: Check descriptor file length when reading it
To: Max Reitz
Cc: Kevin Wolf, qemu-devel@nongnu.org, Stefan Hajnoczi, Markus Armbruster

On Wed, 12/03 15:17, Max Reitz wrote:
> On 2014-12-03 at 11:28, Fam Zheng wrote:
> >Since a too small file cannot be a valid VMDK image, and also since the
> >buffer's first 4 bytes will be unconditionally examined by
> >vmdk_open_sparse, let's error out the small file case to be clear.
> >
> >Signed-off-by: Fam Zheng
> >Reviewed-by: Markus Armbruster
> >---
> > block/vmdk.c | 5 +++++
> > 1 file changed, 5 insertions(+)
> > > >diff --git a/block/vmdk.c b/block/vmdk.c > >index 82257cd..045fd7a 100644 > >--- a/block/vmdk.c > >+++ b/block/vmdk.c > >@@ -557,6 +557,11 @@ static char *vmdk_read_desc(BlockDriverState *file, uint64_t desc_offset, > > return NULL; > > } > >+ if (size < 4) { > >+ error_setg_errno(errp, -size, "File is too small, not a valid image"); > > 0 <= size < 4, strerror(0..-3) doesn't make a whole lot of sense. Should be > simply error_setg() instead of error_setg_errno(). Yes, fixing. Fam
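
Review bot: In the added `if (size < 4)` branch of vmdk_read_desc(), `error_setg_errno(errp, -size, ...)` passes a byte count where an errno is expected. The `return NULL;` context just above the new lines suggests the failure path has already returned, so size here is 0 to 3 and `-size` does not name a real error; the resulting message would carry a misleading strerror suffix. Use `error_setg(errp, "File is too small, not a valid image")` instead. Separately, the literal 4 corresponds to the first 4 bytes that the commit message says vmdk_open_sparse examines unconditionally; a one-line comment stating that next to the check would keep the length test and the later read tied together if either changes.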