On Tue, Feb 28, 2012 at 9:47 AM, Kevin Wolf <kw...@redhat.com> wrote: > Am 28.02.2012 10:33, schrieb Stefan Hajnoczi: >> On Mon, Feb 27, 2012 at 4:27 PM, Kevin Wolf <kw...@redhat.com> wrote: >>> + if (ext.len > 65536) { >>> + error_report("Header extension larger than 64k - this looks >>> wrong"); >>> + return -ENOTSUP; >>> + } >> >> This is an implementation limit and not in the spec, but I think it's >> reasonable. >> >> Reviewed-by: Stefan Hajnoczi <stefa...@linux.vnet.ibm.com> > > Hm, actually, now that I look at this patch again, I think there's a > much better error condition that even matches the spec: > > if (offset + ext.len > end_offset)
Careful, integer overflow. Stefan