Commit 8f282e83 authored by Eyal Moscovici's avatar Eyal Moscovici Committed by Eric Blake
Browse files

qemu-img: validate image length in img_map 



The code handles this case correctly: we merely skip the loop. However it
is probably best to return an explicit error.

Reviewed-by: default avatarEric Blake <eblake@redhat.com>
Acked-by: default avatarMark Kanda <mark.kanda@oracle.com>
Signed-off-by: default avatarEyal Moscovici <eyal.moscovici@oracle.com>
Message-Id: <20200513133629.18508-3-eyal.moscovici@oracle.com>
[eblake: commit message tweak]
Signed-off-by: default avatarEric Blake <eblake@redhat.com>
parent 43d589b0

qemu-img.c

+5 −0
Original line number Diff line number Diff line
@@ -3092,6 +3092,11 @@ static int img_map(int argc, char **argv) 
    }



    length = blk_getlength(blk);

    if (length < 0) {

        error_report("Failed to get size for '%s'", filename);

        return 1;

    }



    while (curr.start + curr.length < length) {

        int64_t offset = curr.start + curr.length;

        int64_t n;