On Fri, Mar 09, 2018 at 06:27:12PM +0100, Kevin Wolf wrote: > When you request an image size close to UINT64_MAX, the addition of the > crypto header may cause an integer overflow. Catch it instead of > silently truncating the image size. > > Signed-off-by: Kevin Wolf <kw...@redhat.com> > --- > block/crypto.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/block/crypto.c b/block/crypto.c > index 4908d8627f..1b46519c53 100644 > --- a/block/crypto.c > +++ b/block/crypto.c > @@ -102,6 +102,11 @@ static ssize_t block_crypto_init_func(QCryptoBlock > *block, > { > struct BlockCryptoCreateData *data = opaque; > > + if (headerlen > UINT64_MAX - data->size) { > + error_setg(errp, "The requested file size is too large"); > + return -EFBIG; > + } > + > /* User provided size should reflect amount of space made > * available to the guest, so we must take account of that > * which will be used by the crypto header
Reviewed-by: Daniel P. Berrangé <berra...@redhat.com> (if using INT64_MAX as Eric suggests) Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|