On 18.03.2025 at 11:58, ger...@altlinux.org wrote:
> From: Denis Rastyogin <ger...@altlinux.org>
>
> This error was discovered by fuzzing qemu-img.
>
> The qcow2_refresh_limits() is missing a check
> for the s->crypto pointer, which can lead to
> a null pointer dereference. This commit adds the necessary check.
>
> Reported-by: Leonid Reviakin <l.revia...@fobos-nt.ru>
> Signed-off-by: Denis Rastyogin <ger...@altlinux.org>

Please provide more information on how to trigger this. This is probably the wrong place to fix it. I think a qcow2 image that has bs->encrypted should always also have s->crypto, so we need to understand why this isn't the case here.

Kevin