ShuriZma
/
xemu
mirror of https://github.com/xemu-project/xemu.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

luks: Catch integer overflow for huge sizes 

When you request an image size close to UINT64_MAX, the addition of the
crypto header may cause an integer overflow. Catch it instead of
silently truncating the image size.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Kevin Wolf 2018-03-05 18:15:26 +01:00
parent e39e959e89
commit 3d7ed9c453
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
block/crypto.c
View File

@ -102,6 +102,11 @@ static ssize_t block_crypto_init_func(QCryptoBlock *block,
{ {
struct BlockCryptoCreateData *data = opaque; struct BlockCryptoCreateData *data = opaque;
if (data->size > INT64_MAX || headerlen > INT64_MAX - data->size) {
error_setg(errp, "The requested file size is too large");
return -EFBIG;
}
/* User provided size should reflect amount of space made /* User provided size should reflect amount of space made
* available to the guest, so we must take account of that * available to the guest, so we must take account of that
* which will be used by the crypto header * which will be used by the crypto header