aboutsummaryrefslogtreecommitdiff
path: root/block
AgeCommit message (Expand)AuthorFilesLines
2014-04-01qcow2: Limit snapshot table sizeKevin Wolf2-1/+18
2014-04-01qcow2: Check maximum L1 size in qcow2_snapshot_load_tmp() (CVE-2014-0143)Kevin Wolf3-3/+9
2014-04-01qcow2: Fix L1 allocation size in qcow2_snapshot_load_tmp() (CVE-2014-0145)Kevin Wolf1-1/+1
2014-04-01qcow2: Fix NULL dereference in qcow2_open() error path (CVE-2014-0146)Kevin Wolf1-3/+4
2014-04-01qcow2: Fix copy_sectors() with VM stateKevin Wolf1-9/+0
2014-04-01dmg: prevent chunk buffer overflow (CVE-2014-0145)Stefan Hajnoczi1-6/+33
2014-04-01dmg: use uint64_t consistently for sectors and lengthsStefan Hajnoczi1-3/+3
2014-04-01dmg: sanitize chunk length and sectorcount (CVE-2014-0145)Stefan Hajnoczi1-0/+24
2014-04-01dmg: use appropriate types when reading chunksStefan Hajnoczi1-1/+2
2014-04-01dmg: drop broken bdrv_pread() loopStefan Hajnoczi1-13/+2
2014-04-01dmg: prevent out-of-bounds array access on terminatorStefan Hajnoczi1-1/+1
2014-04-01dmg: coding style and indentation cleanupStefan Hajnoczi1-104/+120
2014-04-01qcow2: Fix new L1 table size check (CVE-2014-0143)Kevin Wolf1-1/+1
2014-04-01qcow2: Protect against some integer overflows in bdrv_checkKevin Wolf1-9/+9
2014-04-01qcow2: Fix types in qcow2_alloc_clusters and alloc_clusters_norefKevin Wolf2-8/+9
2014-04-01qcow2: Check new refcount table size on growthKevin Wolf3-3/+14
2014-04-01qcow2: Avoid integer overflow in get_refcount (CVE-2014-0143)Kevin Wolf1-1/+1
2014-04-01qcow2: Don't rely on free_cluster_index in alloc_refcount_block() (CVE-2014-0...Kevin Wolf2-40/+43
2014-04-01qcow2: Fix backing file name length checkKevin Wolf1-3/+6
2014-04-01qcow2: Validate active L1 table offset and size (CVE-2014-0144)Kevin Wolf1-0/+16
2014-04-01qcow2: Validate snapshot table offset/size (CVE-2014-0144)Kevin Wolf3-26/+47
2014-04-01qcow2: Validate refcount table offsetKevin Wolf1-0/+33
2014-04-01qcow2: Check refcount table size (CVE-2014-0144)Kevin Wolf2-1/+12
2014-04-01qcow2: Check backing_file_offset (CVE-2014-0144)Kevin Wolf1-0/+6
2014-04-01qcow2: Check header_length (CVE-2014-0144)Kevin Wolf1-9/+25
2014-04-01curl: check data size before memcpy to local buffer. (CVE-2014-0144)Fam Zheng1-0/+5
2014-04-01vhdx: Bounds checking for block_size and logical_sector_size (CVE-2014-0148)Jeff Cody1-2/+10
2014-04-01vdi: add bounds checks for blocks_in_image and disk_size header fields (CVE-2...Jeff Cody1-4/+33
2014-04-01vpc: Validate block size (CVE-2014-0142)Kevin Wolf1-0/+5
2014-04-01vpc/vhd: add bounds check for max_table_entries and block_size (CVE-2014-0144)Jeff Cody1-4/+23
2014-04-01bochs: Fix bitmap offset calculationKevin Wolf1-2/+3
2014-04-01bochs: Check extent_size header field (CVE-2014-0142)Kevin Wolf1-0/+8
2014-04-01bochs: Check catalog_size header field (CVE-2014-0143)Kevin Wolf1-0/+13
2014-04-01bochs: Use unsigned variables for offsets and sizes (CVE-2014-0147)Kevin Wolf1-8/+8
2014-04-01bochs: Unify header structs and make them QEMU_PACKEDKevin Wolf1-42/+25
2014-04-01block/cloop: fix offsets[] size off-by-oneStefan Hajnoczi1-7/+5
2014-04-01block/cloop: refuse images with bogus offsets (CVE-2014-0144)Stefan Hajnoczi1-5/+29
2014-04-01block/cloop: refuse images with huge offsets arrays (CVE-2014-0144)Stefan Hajnoczi1-0/+9
2014-04-01block/cloop: prevent offsets_size integer overflow (CVE-2014-0143)Stefan Hajnoczi1-0/+7
2014-04-01block/cloop: validate block_size header field (CVE-2014-0144)Stefan Hajnoczi1-0/+23
2014-04-01qcow2: fix two memory leaks in qcow2_open error code pathPrasad Joshi1-0/+4
2014-04-01vvfat: Fix :floppy: option to suppress partition tableMarkus Armbruster1-1/+1
2014-03-25mirror: fix early wake from sleep due to aioStefan Hajnoczi1-1/+8
2014-03-25mirror: fix throttling delay calculationPaolo Bonzini1-13/+15
2014-03-25Fixed various typosDeepak Kathayat5-8/+8
2014-03-19block/nfs: report errors from libnfsPeter Lieven1-0/+3
2014-03-19qcow2: Fix fail path in realloc_refcount_block()Max Reitz1-16/+18
2014-03-19qcow2: Correct comment for realloc_refcount_block()Max Reitz1-1/+1
2014-03-19block: Add error handling to bdrv_invalidate_cache()Kevin Wolf3-8/+44
2014-03-14nbd: close socket if connection breaksStefan Hajnoczi1-15/+18
generated by cgit v1.1 at 2025-02-06 15:47:16 +0000