VirtualBox

Changeset 77773 in vbox for trunk/src/VBox


Ignore:
Timestamp:
Mar 18, 2019 10:33:07 PM (6 years ago)
Author:
vboxsync
Message:

Storage/VMDK: Limit the maximum supported descriptor size to avoid allocating excessive amounts of memory later on

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/VBox/Storage/VMDK.cpp

    r76904 r77773  
    137137} SparseExtentHeader;
    138138#pragma pack()
     139
     140/** The maximum allowed descriptor size in the extent header in sectors. */
     141#define VMDK_SPARSE_DESCRIPTOR_SIZE_MAX UINT64_C(20480) /* 10MB */
    139142
    140143/** VMDK capacity for a single chunk when 2G splitting is turned on. Should be
     
    25842587    {
    25852588        rc = vdIfError(pImage->pIfError, VERR_VD_VMDK_INVALID_HEADER, RT_SRC_POS, N_("VMDK: corrupted by CR/LF translation in '%s'"), pExtent->pszFullname);
     2589        return rc;
     2590    }
     2591    if (RT_LE2H_U64(pHeader->descriptorSize) > VMDK_SPARSE_DESCRIPTOR_SIZE_MAX)
     2592    {
     2593        rc = vdIfError(pImage->pIfError, VERR_VD_VMDK_INVALID_HEADER, RT_SRC_POS, N_("VMDK: descriptor size out of bounds (%llu vs %llu) '%s'"),
     2594                       pExtent->pszFullname, RT_LE2H_U64(pHeader->descriptorSize), VMDK_SPARSE_DESCRIPTOR_SIZE_MAX);
    25862595        return rc;
    25872596    }
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette