From 902b27d0b8d5bfa840eaf389d7cbcc28b57e3fbe Mon Sep 17 00:00:00 2001
From: aurel32 <aurel32@c046a42c-6fe2-441c-8c8c-71466251a162>
Date: Tue, 11 Mar 2008 17:17:59 +0000
Subject: Fix CVE-2008-0928 - insufficient block device address range checking

Qemu 0.9.1 and earlier does not perform range checks for block device
read or write requests, which allows guest host users with root
privileges to access arbitrary memory and escape the virtual machine.


git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@4037 c046a42c-6fe2-441c-8c8c-71466251a162
---
 block.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'block.h')

diff --git a/block.h b/block.h
index b730505..0673a63 100644
--- a/block.h
+++ b/block.h
@@ -45,6 +45,7 @@ typedef struct QEMUSnapshotInfo {
                                      it (default for
                                      bdrv_file_open()) */
 #define BDRV_O_DIRECT      0x0020
+#define BDRV_O_AUTOGROW    0x0040 /* Allow backing file to extend when writing past end of file */
 
 #ifndef QEMU_IMG
 void bdrv_info(void);
-- 
cgit v1.1