diff options
author | Eyal Moscovici | 2020-05-13 15:36:27 +0200 |
---|---|---|
committer | Eric Blake | 2020-05-18 18:02:05 +0200 |
commit | 8f282e83edd3d1b4ea6e9258f5a4081b490c33cc (patch) | |
tree | 03715fa59e94b559c7a492be2296ecb6c412fb20 /qemu-img.c | |
parent | qemu_img: add cvtnum_full to print error reports (diff) | |
download | qemu-8f282e83edd3d1b4ea6e9258f5a4081b490c33cc.tar.gz qemu-8f282e83edd3d1b4ea6e9258f5a4081b490c33cc.tar.xz qemu-8f282e83edd3d1b4ea6e9258f5a4081b490c33cc.zip |
qemu-img: validate image length in img_map
The code handles this case correctly: we merely skip the loop. However it
is probably best to return an explicit error.
Reviewed-by: Eric Blake <eblake@redhat.com>
Acked-by: Mark Kanda <mark.kanda@oracle.com>
Signed-off-by: Eyal Moscovici <eyal.moscovici@oracle.com>
Message-Id: <20200513133629.18508-3-eyal.moscovici@oracle.com>
[eblake: commit message tweak]
Signed-off-by: Eric Blake <eblake@redhat.com>
Diffstat (limited to 'qemu-img.c')
-rw-r--r-- | qemu-img.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/qemu-img.c b/qemu-img.c index 5d824fc15f..c88f412333 100644 --- a/qemu-img.c +++ b/qemu-img.c @@ -3092,6 +3092,11 @@ static int img_map(int argc, char **argv) } length = blk_getlength(blk); + if (length < 0) { + error_report("Failed to get size for '%s'", filename); + return 1; + } + while (curr.start + curr.length < length) { int64_t offset = curr.start + curr.length; int64_t n; |