diff options
| author | Kevin Wolf <kwolf@redhat.com> | 2014-04-09 12:10:34 +0200 |
|---|---|---|
| committer | Kevin Wolf <kwolf@redhat.com> | 2014-04-11 13:59:49 +0200 |
| commit | 715c3f60efa9801a777a71cd06eaf8efa7eaa2a8 (patch) | |
| tree | 49c048c88723c0ad327faf47feb15c14c85a85b2 /tests | |
| parent | 28ec11bc882387e51c7450558af5a49b8be95a36 (diff) | |
| download | qemu-715c3f60efa9801a777a71cd06eaf8efa7eaa2a8.tar.gz qemu-715c3f60efa9801a777a71cd06eaf8efa7eaa2a8.tar.bz2 qemu-715c3f60efa9801a777a71cd06eaf8efa7eaa2a8.zip | |
bochs: Fix catalog size check
The old check was off by a factor of 512 and didn't consider cases where
we don't get an exact division. This could lead to an out-of-bounds
array access in seek_to_sector().
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Diffstat (limited to 'tests')
| -rwxr-xr-x | tests/qemu-iotests/078 | 6 | ||||
| -rw-r--r-- | tests/qemu-iotests/078.out | 6 |
2 files changed, 9 insertions, 3 deletions
diff --git a/tests/qemu-iotests/078 b/tests/qemu-iotests/078 index 872e734cab..d4d6da7b09 100755 --- a/tests/qemu-iotests/078 +++ b/tests/qemu-iotests/078 @@ -69,10 +69,14 @@ _use_sample_img empty.bochs.bz2 poke_file "$TEST_IMG" "$disk_size_offset" "\x00\xc0\x0f\x00\x00\x00\x00\x7f" { $QEMU_IO -c "read 2T 4k" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir +_use_sample_img empty.bochs.bz2 +poke_file "$TEST_IMG" "$catalog_size_offset" "\x10\x00\x00\x00" +{ $QEMU_IO -c "read 0xfbe00 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir + echo echo "== Negative extent size ==" _use_sample_img empty.bochs.bz2 -poke_file "$TEST_IMG" "$extent_size_offset" "\xff\xff\xff\xff" +poke_file "$TEST_IMG" "$extent_size_offset" "\x00\x00\x00\x80" { $QEMU_IO -c "read 768k 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir echo diff --git a/tests/qemu-iotests/078.out b/tests/qemu-iotests/078.out index ea95ffdbb8..ca18d2ea38 100644 --- a/tests/qemu-iotests/078.out +++ b/tests/qemu-iotests/078.out @@ -15,12 +15,14 @@ no file open, try 'help open' == Too small catalog bitmap for image size == qemu-io: can't open device TEST_DIR/empty.bochs: Catalog size is too small for this disk size no file open, try 'help open' +qemu-io: can't open device TEST_DIR/empty.bochs: Catalog size is too small for this disk size +no file open, try 'help open' == Negative extent size == -qemu-io: can't open device TEST_DIR/empty.bochs: Extent size 4294967295 is too large +qemu-io: can't open device TEST_DIR/empty.bochs: Extent size 2147483648 is too large no file open, try 'help open' == Zero extent size == -qemu-io: can't open device TEST_DIR/empty.bochs: Extent size may not be zero +qemu-io: can't open device TEST_DIR/empty.bochs: Extent size must be at least 512 no file open, try 'help open' *** done |