From: Peter Maydell Date: Tue, 1 Apr 2014 17:23:28 +0000 (+0100) Subject: Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=53e11bd384a799c03884bd7d8b5be53f025f8e2d;p=qemu.git Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into staging Block pull request # gpg: Signature made Tue 01 Apr 2014 18:11:16 BST using RSA key ID 81AB73C8 # gpg: Good signature from "Stefan Hajnoczi " # gpg: aka "Stefan Hajnoczi " * remotes/stefanha/tags/block-pull-request: (51 commits) qcow2: link all L2 meta updates in preallocate() parallels: Sanity check for s->tracks (CVE-2014-0142) parallels: Fix catalog size integer overflow (CVE-2014-0143) qcow2: Limit snapshot table size qcow2: Check maximum L1 size in qcow2_snapshot_load_tmp() (CVE-2014-0143) qcow2: Fix L1 allocation size in qcow2_snapshot_load_tmp() (CVE-2014-0145) qcow2: Fix NULL dereference in qcow2_open() error path (CVE-2014-0146) qcow2: Fix copy_sectors() with VM state block: Limit request size (CVE-2014-0143) block: vdi bounds check qemu-io tests dmg: prevent chunk buffer overflow (CVE-2014-0145) dmg: use uint64_t consistently for sectors and lengths dmg: sanitize chunk length and sectorcount (CVE-2014-0145) dmg: use appropriate types when reading chunks dmg: drop broken bdrv_pread() loop dmg: prevent out-of-bounds array access on terminator dmg: coding style and indentation cleanup qcow2: Fix new L1 table size check (CVE-2014-0143) qcow2: Protect against some integer overflows in bdrv_check qcow2: Fix types in qcow2_alloc_clusters and alloc_clusters_noref ... Signed-off-by: Peter Maydell --- 53e11bd384a799c03884bd7d8b5be53f025f8e2d