[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [Bug 1462944] Re: vpc file causes qemu-img to consume lots
|
From: |
Richard Jones |
|
Subject: |
[Qemu-devel] [Bug 1462944] Re: vpc file causes qemu-img to consume lots of time and memory |
|
Date: |
Thu, 14 Jun 2018 19:13:45 -0000 |
I suspect this bug is probably still around, and if not then this class
of bugs is certainly still around. What we have done in management
tools like Open Stack is to confine qemu-img using simple ulimits when
inspecting any untrusted image, and that solves the problem so it's
probably fine to close this bug now.
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1462944
Title:
vpc file causes qemu-img to consume lots of time and memory
Status in QEMU:
Incomplete
Bug description:
The attached vpc file causes 'qemu-img info' to consume 3 or 4 seconds
of CPU time and 1.3 GB of heap, causing a minor denial of service.
$ /usr/bin/time ~/d/qemu/qemu-img info afl12.img
block-vpc: The header checksum of 'afl12.img' is incorrect.
qemu-img: Could not open 'afl12.img': block-vpc: free_data_block_offset
points after the end of file. The image has been truncated.
1.19user 3.15system 0:04.35elapsed 99%CPU (0avgtext+0avgdata
1324504maxresident)k
0inputs+0outputs (0major+327314minor)pagefaults 0swaps
The file was found using american-fuzzy-lop.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1462944/+subscriptions