qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [5059] Add image format option for USB mass-storage devices


From: Aurelien Jarno
Subject: [Qemu-devel] [5059] Add image format option for USB mass-storage devices
Date: Thu, 21 Aug 2008 22:24:33 +0000

Revision: 5059
          http://svn.sv.gnu.org/viewvc/?view=rev&root=qemu&revision=5059
Author:   aurel32
Date:     2008-08-21 22:24:32 +0000 (Thu, 21 Aug 2008)

Log Message:
-----------
Add image format option for USB mass-storage devices

(fix CVE-2008-1945)

Signed-off-by: Aurelien Jarno <address@hidden>

Modified Paths:
--------------
    trunk/hw/usb-msd.c
    trunk/qemu-doc.texi

Modified: trunk/hw/usb-msd.c
===================================================================
--- trunk/hw/usb-msd.c  2008-08-21 20:12:05 UTC (rev 5058)
+++ trunk/hw/usb-msd.c  2008-08-21 22:24:32 UTC (rev 5059)
@@ -517,13 +517,42 @@
 {
     MSDState *s;
     BlockDriverState *bdrv;
+    BlockDriver *drv = NULL;
+    const char *p1;
+    char fmt[32];
 
+    p1 = strchr(filename, ':');
+    if (p1++) {
+        const char *p2;
+
+        if (strstart(filename, "format=", &p2)) {
+            int len = MIN(p1 - p2, sizeof(fmt));
+            pstrcpy(fmt, len, p2);
+
+            drv = bdrv_find_format(fmt);
+            if (!drv) {
+                printf("invalid format %s\n", fmt);
+                return NULL;
+            }
+        } else if (*filename != ':') {
+            printf("unrecognized USB mass-storage option %s\n", filename);
+            return NULL;
+        }
+
+        filename = p1;
+    }
+
+    if (!*filename) {
+        printf("block device specification needed\n");
+        return NULL;
+    }
+
     s = qemu_mallocz(sizeof(MSDState));
     if (!s)
         return NULL;
 
     bdrv = bdrv_new("usb");
-    if (bdrv_open(bdrv, filename, 0) < 0)
+    if (bdrv_open2(bdrv, filename, 0, drv) < 0)
         goto fail;
     if (qemu_key_check(bdrv, filename))
         goto fail;

Modified: trunk/qemu-doc.texi
===================================================================
--- trunk/qemu-doc.texi 2008-08-21 20:12:05 UTC (rev 5058)
+++ trunk/qemu-doc.texi 2008-08-21 22:24:32 UTC (rev 5059)
@@ -550,8 +550,10 @@
 means qemu is able to report the mouse position without having to grab the
 mouse. Also overrides the PS/2 mouse emulation when activated.
 
address@hidden disk:file
-Mass storage device based on file
address@hidden disk:address@hidden:file
+Mass storage device based on file. The optional @var{format} argument
+will be used rather than detecting the format. Can be used to specifiy
+format=raw to avoid interpreting an untrusted format header.
 
 @item host:bus.addr
 Pass through the host device identified by bus.addr (Linux only).






reply via email to

[Prev in Thread] Current Thread [Next in Thread]