[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen-unstable] domain builder: Fix sanity check for gzip size.

# HG changeset patch
# User kfraser@xxxxxxxxxxxxxxxxxxxxx
# Date 1177598569 -3600
# Node ID 58205257517d100282783f4c192106de5bf65ef9
# Parent  d0acb5a3e8d8540ceb936a01a14e033619af5226
domain builder: Fix sanity check for gzip size.
Signed-off-by: Keir Fraser <keir@xxxxxxxxxxxxx>
---
 tools/libxc/xc_dom_core.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff -r d0acb5a3e8d8 -r 58205257517d tools/libxc/xc_dom_core.c
--- a/tools/libxc/xc_dom_core.c Thu Apr 26 15:36:09 2007 +0100
+++ b/tools/libxc/xc_dom_core.c Thu Apr 26 15:42:49 2007 +0100
@@ -209,13 +209,13 @@ size_t xc_dom_check_gzip(void *blob, siz
     unsigned char *gzlen;
     size_t unziplen;
 
-    if (strncmp(blob, "\037\213", 2))
+    if ( strncmp(blob, "\037\213", 2) )
         /* not gzipped */
         return 0;
 
     gzlen = blob + ziplen - 4;
     unziplen = gzlen[3] << 24 | gzlen[2] << 16 | gzlen[1] << 8 | gzlen[0];
-    if ( (unziplen < ziplen) || (unziplen > (ziplen * 8)) )
+    if ( (unziplen < 0) || (unziplen > (1024*1024*1024)) ) /* 1GB limit */
     {
         xc_dom_printf
             ("%s: size (zip %zd, unzip %zd) looks insane, skip gunzip\n",

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.