[Qemu-stable] [PATCH for-2.0 13/47] bochs: Fix bitmap offset calculation

qemu-stable

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-stable] [PATCH for-2.0 13/47] bochs: Fix bitmap offset calculation

From:	Stefan Hajnoczi
Subject:	[Qemu-stable] [PATCH for-2.0 13/47] bochs: Fix bitmap offset calculation
Date:	Wed, 26 Mar 2014 13:05:35 +0100

From: Kevin Wolf <address@hidden>

32 bit truncation could let us access the wrong offset in the image.

Signed-off-by: Kevin Wolf <address@hidden>
Reviewed-by: Stefan Hajnoczi <address@hidden>
---
 block/bochs.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/block/bochs.c b/block/bochs.c
index a922782..826ec12 100644
--- a/block/bochs.c
+++ b/block/bochs.c
@@ -186,8 +186,9 @@ static int64_t seek_to_sector(BlockDriverState *bs, int64_t 
sector_num)
        return -1; /* not allocated */
     }
 
-    bitmap_offset = s->data_offset + (512 * s->catalog_bitmap[extent_index] *
-       (s->extent_blocks + s->bitmap_blocks));
+    bitmap_offset = s->data_offset +
+        (512 * (uint64_t) s->catalog_bitmap[extent_index] *
+        (s->extent_blocks + s->bitmap_blocks));
 
     /* read in bitmap for current extent */
     if (bdrv_pread(bs->file, bitmap_offset + (extent_offset / 8),
-- 
1.8.5.3

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-stable] [PATCH for-2.0 09/47] bochs: Unify header structs and make them QEMU_PACKED, (continued)
- [Qemu-stable] [PATCH for-2.0 09/47] bochs: Unify header structs and make them QEMU_PACKED, Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 09/47] bochs: Unify header structs and make them QEMU_PACKED, Max Reitz, 2014/03/26
- [Qemu-stable] [PATCH for-2.0 10/47] bochs: Use unsigned variables for offsets and sizes (CVE-2014-0147), Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 10/47] bochs: Use unsigned variables for offsets and sizes (CVE-2014-0147), Max Reitz, 2014/03/26
- [Qemu-stable] [PATCH for-2.0 11/47] bochs: Check catalog_size header field (CVE-2014-0143), Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 11/47] bochs: Check catalog_size header field (CVE-2014-0143), Max Reitz, 2014/03/26
- [Qemu-stable] [PATCH for-2.0 12/47] bochs: Check extent_size header field (CVE-2014-0142), Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 12/47] bochs: Check extent_size header field (CVE-2014-0142), Max Reitz, 2014/03/26
- [Qemu-stable] [PATCH for-2.0 15/47] vpc: Validate block size (CVE-2014-0142), Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 15/47] vpc: Validate block size (CVE-2014-0142), Max Reitz, 2014/03/26
- [Qemu-stable] [PATCH for-2.0 13/47] bochs: Fix bitmap offset calculation, Stefan Hajnoczi <=
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 13/47] bochs: Fix bitmap offset calculation, Max Reitz, 2014/03/26
- [Qemu-stable] [PATCH for-2.0 14/47] vpc/vhd: add bounds check for max_table_entries and block_size (CVE-2014-0144), Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 14/47] vpc/vhd: add bounds check for max_table_entries and block_size (CVE-2014-0144), Max Reitz, 2014/03/26
- [Qemu-stable] [PATCH for-2.0 19/47] qcow2: Check header_length (CVE-2014-0144), Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 19/47] qcow2: Check header_length (CVE-2014-0144), Max Reitz, 2014/03/26
- [Qemu-stable] [PATCH for-2.0 16/47] vdi: add bounds checks for blocks_in_image and disk_size header fields (CVE-2014-0144), Stefan Hajnoczi, 2014/03/26
  - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 16/47] vdi: add bounds checks for blocks_in_image and disk_size header fields (CVE-2014-0144), Stefan Weil, 2014/03/26
    - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 16/47] vdi: add bounds checks for blocks_in_image and disk_size header fields (CVE-2014-0144), Jeff Cody, 2014/03/27
    - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 16/47] vdi: add bounds checks for blocks_in_image and disk_size header fields (CVE-2014-0144), Stefan Weil, 2014/03/27
    - Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 16/47] vdi: add bounds checks for blocks_in_image and disk_size header fields (CVE-2014-0144), Stefan Hajnoczi, 2014/03/28

Prev by Date: [Qemu-stable] [PATCH for-2.0 15/47] vpc: Validate block size (CVE-2014-0142)
Next by Date: [Qemu-stable] [PATCH for-2.0 14/47] vpc/vhd: add bounds check for max_table_entries and block_size (CVE-2014-0144)
Previous by thread: Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 15/47] vpc: Validate block size (CVE-2014-0142)
Next by thread: Re: [Qemu-stable] [Qemu-devel] [PATCH for-2.0 13/47] bochs: Fix bitmap offset calculation
Index(es):
- Date
- Thread