]> git.proxmox.com Git - mirror_qemu.git/commitdiff
projects / mirror_qemu.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b681072)
vmdk: Fix vmdk_parse_extents
authorFam Zheng <famz@redhat.com>
Fri, 11 Oct 2013 11:48:29 +0000 (19:48 +0800)
committerKevin Wolf <kwolf@redhat.com>
Fri, 11 Oct 2013 14:50:02 +0000 (16:50 +0200)
An extra 'p++' after while loop when *p == '\n' will move p to unknown
data position, risking parsing junk data or memory access violation.

Cc: qemu-stable@nongnu.org
Signed-off-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
block/vmdk.c patch | blob | blame | history

diff --git a/block/vmdk.c b/block/vmdk.c
index 709aa3deb06cb452fa8c8d2b33a06180a21e0b43..5a9f2787f84520d237b7b03a0dc75d2670c8e0ec 100644 (file)
--- a/block/vmdk.c
+++ b/block/vmdk.c
@@ -772,10 +772,13 @@ static int vmdk_parse_extents(const char *desc, BlockDriverState *bs,
         }
 next_line:
         /* move to next line */
-        while (*p && *p != '\n') {
+        while (*p) {
+            if (*p == '\n') {
+                p++;
+                break;
+            }
             p++;
         }
-        p++;
     }
     return 0;
 }
QEMU mirror