On Wed, Feb 15, 2017 at 02:28:41PM -0500, Dawid Zamirski wrote:
> Correct, however there's also no guarantee that seeking by 4k in
> "garbage" data would not land you in registry data that happens to
> evaluate to "hbin" as well. That's why I put "hbin" offset validation
> check couple of lines below to make sure that the "hbin" we found by
> searching is a proper one. The offset check I'm referring to is:
>
> /* get "stated" hbin offset from header */
> size_t page_offset = le32to(page->offset_first) + 0x1000;
>
> /* if that does not match our current file offset,
> then exit with error */
> if (page_offset != off) {
> SET_ERRNO...
> }
Still, what kind of corruption would move a genuine hbin to a
non-page-sized offset in the file? It seems unlikely to me ...
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html
_______________________________________________
Libguestfs mailing list
Libguestfs@redhat.com
https://www.redhat.com/mailman/listinfo/libguestfs
