)]}' { "commit": "42eb58179b3b215bb507da3262b682b8a2ec10b5", "tree": "5dd3e16d510ab10ee3d2c2aa843daa44ed34f25c", "parents": [ "7159a45b2bf2dcb9f49f1e27d1d3d135a0247a2f" ], "author": { "name": "Kevin Wolf", "email": "kwolf@redhat.com", "time": "Thu May 15 16:10:11 2014 +0200" }, "committer": { "name": "Kevin Wolf", "email": "kwolf@redhat.com", "time": "Mon May 19 11:36:49 2014 +0200" }, "message": "qcow1: Validate L2 table size (CVE-2014-0222)\n\nToo large L2 table sizes cause unbounded allocations. Images actually\ncreated by qemu-img only have 512 byte or 4k L2 tables.\n\nTo keep things consistent with cluster sizes, allow ranges between 512\nbytes and 64k (in fact, down to 1 entry \u003d 8 bytes is technically\nworking, but L2 table sizes smaller than a cluster don\u0027t make a lot of\nsense).\n\nThis also means that the number of bytes on the virtual disk that are\ndescribed by the same L2 table is limited to at most 8k * 64k or 2^29,\npreventively avoiding any integer overflows.\n\nCc: qemu-stable@nongnu.org\nSigned-off-by: Kevin Wolf \u003ckwolf@redhat.com\u003e\nReviewed-by: Benoit Canet \u003cbenoit@irqsave.net\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "e60df234c44d4c861b573f61e73adcd70a05d1fb", "old_mode": 33188, "old_path": "block/qcow.c", "new_id": "e8038e56c8b76e01f29cbb9b0d6932338bff591a", "new_mode": 33188, "new_path": "block/qcow.c" }, { "type": "modify", "old_id": "d060e6fa87408c75fd7f4be83bc6740fa8dcf7d9", "old_mode": 33261, "old_path": "tests/qemu-iotests/092", "new_id": "fb8bacc58c88cd2d3e8c2c37d5e11c6e8211e8a5", "new_mode": 33261, "new_path": "tests/qemu-iotests/092" }, { "type": "modify", "old_id": "8bf81580cd78d99b900812920cf8198f3089c93d", "old_mode": 33188, "old_path": "tests/qemu-iotests/092.out", "new_id": "73918b3c5075b29aba122c5ec384f414146633b8", "new_mode": 33188, "new_path": "tests/qemu-iotests/092.out" } ] }