Date: Thu, 15 Jan 2015 15:23:41 +0000
From: Stefan Hajnoczi
Message-ID: <20150115152341.GD4005@stefanha-thinkpad.redhat.com>
References: <1421065893-18875-1-git-send-email-stefanha@redhat.com>
In-Reply-To: <1421065893-18875-1-git-send-email-stefanha@redhat.com>
Subject: Re: [Qemu-devel] [PATCH 0/2] qed: additional input validation
To: Stefan Hajnoczi
Cc: Kevin Wolf, qemu-devel@nongnu.org, mreitz@redhat.com

On Mon, Jan 12, 2015 at 12:31:31PM +0000, Stefan Hajnoczi wrote:
> These patches add an overflow check and a test case for invalid QED headers.
> Note that this has no security impact because reading the backing filename is
> limited to sizeof(bs->backing_file).
>
> Stefan Hajnoczi (2):
>   qed: check for header size overflow
>   qemu-iotests: add 116 invalid QED input file tests
>
>  block/qed.c                |  6 +++
>  tests/qemu-iotests/116     | 96 ++++++++++++++++++++++++++++++++++++++++++++++
>  tests/qemu-iotests/116.out | 37 ++++++++++++++++++
>  tests/qemu-iotests/group   |  1 +
>  4 files changed, 140 insertions(+)
>  create mode 100755 tests/qemu-iotests/116
>  create mode 100644 tests/qemu-iotests/116.out

Kevin: Thanks for the style suggestion, I have applied your tweak. It does
read clearer when the expression checks UINT32_MAX.

Thanks, applied to my block tree:
https://github.com/stefanha/qemu/commits/block

Stefan