vpc file causes qemu-img to consume lots of time and memory
Bug #1462944 reported by Richard Jones
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
QEMU | Expired | Undecided | Unassigned |
Bug Description
The attached vpc file causes 'qemu-img info' to consume 3 or 4 seconds of CPU time and 1.3 GB of heap, causing a minor denial of service.
$ /usr/bin/time ~/d/qemu/qemu-img info afl12.img
block-vpc: The header checksum of 'afl12.img' is incorrect.
qemu-img: Could not open 'afl12.img': block-vpc: free_data_
1.19user 3.15system 0:04.35elapsed 99%CPU (0avgtext+0avgdata 1324504maxresid
0inputs+0outputs (0major+
The file was found using american-fuzzy-lop.
This slightly modified example takes about 7 seconds and 2 GB of heap:
$ /usr/bin/time ~/d/qemu/qemu-img info /mnt/scratch/afl13.img
block-vpc: The header checksum of '/mnt/scratch/afl13.img' is incorrect.
qemu-img: Could not open '/mnt/scratch/afl13.img': block-vpc: free_data_block_offset points after the end of file. The image has been truncated.
1.84user 5.72system 0:07.59elapsed 99%CPU (0avgtext+0avgdata 2045496maxresident)k
8inputs+0outputs (0major+507536minor)pagefaults 0swaps
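As an added example (not part of the bug report and not QEMU's own code), here is a Python pre-check a defender could run on untrusted VPC/VHD images before passing them to `qemu-img`. It verifies the footer and dynamic-header checksums (the warning printed in the output above) and checks that the block allocation table implied by `max_table_entries` is consistent with the disk size, fits inside the file, and stays under a memory budget, so an image whose table would extend past the end of the file is rejected up front instead of being parsed. Field offsets follow the published VHD format; the `MAX_BAT_BYTES` budget, the builder helpers and the sample images are constructed here for illustration.

```python
import struct

FOOTER_SIZE = 512
DYN_HEADER_SIZE = 1024
FOOTER_COOKIE = b"conectix"   # VHD footer cookie
DYN_COOKIE = b"cxsparse"      # VHD dynamic disk header cookie
DISK_TYPE_DYNAMIC = 3
# Memory budget for the block allocation table (BAT); an assumption chosen for
# this example, not a value taken from the bug report or from QEMU.
MAX_BAT_BYTES = 64 * 1024 * 1024


def vhd_checksum(buf: bytes, field_off: int) -> int:
    """One's complement of the byte sum, with the 4-byte checksum field zeroed."""
    total = sum(buf[:field_off]) + sum(buf[field_off + 4:])
    return (~total) & 0xFFFFFFFF


def build_footer(current_size: int, disk_type: int, data_offset: int) -> bytes:
    """Construct a minimal 512-byte VHD footer (sample data for this example)."""
    f = bytearray(FOOTER_SIZE)
    f[0:8] = FOOTER_COOKIE
    struct.pack_into(">IIQ", f, 8, 0x2, 0x00010000, data_offset)  # features, version, data offset
    struct.pack_into(">QQ", f, 40, current_size, current_size)    # original size, current size
    struct.pack_into(">I", f, 60, disk_type)
    struct.pack_into(">I", f, 64, vhd_checksum(f, 64))
    return bytes(f)


def build_dyn_header(table_offset: int, max_entries: int, block_size: int) -> bytes:
    """Construct a minimal 1024-byte dynamic disk header (sample data for this example)."""
    h = bytearray(DYN_HEADER_SIZE)
    h[0:8] = DYN_COOKIE
    struct.pack_into(">QQIII", h, 8, 0xFFFFFFFFFFFFFFFF, table_offset,
                     0x00010000, max_entries, block_size)
    struct.pack_into(">I", h, 36, vhd_checksum(h, 36))
    return bytes(h)


def build_dynamic_vhd(current_size: int, block_size: int, max_entries=None) -> bytes:
    """Footer copy, dynamic header, BAT sized for the real disk, trailing footer.
    Passing max_entries forges the header field without growing the real BAT."""
    real_entries = -(-current_size // block_size)  # ceil(size / block)
    entries = real_entries if max_entries is None else max_entries
    table_offset = FOOTER_SIZE + DYN_HEADER_SIZE
    footer = build_footer(current_size, DISK_TYPE_DYNAMIC, FOOTER_SIZE)
    dyn = build_dyn_header(table_offset, entries, block_size)
    bat = b"\xff" * (4 * real_entries)  # all entries marked unused
    return footer + dyn + bat + footer


def check_vhd(image: bytes) -> list:
    """Return a list of findings; an empty list means the image passed the sanity checks."""
    findings = []
    if len(image) < FOOTER_SIZE:
        return ["file shorter than a VHD footer"]
    footer = image[-FOOTER_SIZE:]
    if footer[:8] != FOOTER_COOKIE:
        return ["footer cookie missing"]
    if struct.unpack_from(">I", footer, 64)[0] != vhd_checksum(footer, 64):
        findings.append("footer checksum incorrect")
    data_offset, = struct.unpack_from(">Q", footer, 16)
    current_size, = struct.unpack_from(">Q", footer, 48)
    disk_type, = struct.unpack_from(">I", footer, 60)
    if disk_type != DISK_TYPE_DYNAMIC:
        return findings  # only dynamic images carry a BAT
    if data_offset + DYN_HEADER_SIZE > len(image):
        findings.append("dynamic header offset points past end of file")
        return findings
    hdr = image[data_offset:data_offset + DYN_HEADER_SIZE]
    if hdr[:8] != DYN_COOKIE:
        findings.append("dynamic header cookie missing")
        return findings
    if struct.unpack_from(">I", hdr, 36)[0] != vhd_checksum(hdr, 36):
        findings.append("dynamic header checksum incorrect")
    table_offset, = struct.unpack_from(">Q", hdr, 16)
    max_entries, block_size = struct.unpack_from(">II", hdr, 28)
    if block_size == 0 or block_size & (block_size - 1):
        findings.append("block size is zero or not a power of two")
        return findings
    expected = -(-current_size // block_size)
    if max_entries != expected:
        findings.append(f"max_table_entries {max_entries} != ceil(size/block) {expected}")
    bat_bytes = max_entries * 4
    if bat_bytes > MAX_BAT_BYTES:
        findings.append(f"BAT would need {bat_bytes} bytes, over budget")
    if table_offset + bat_bytes > len(image):
        findings.append("BAT extends past end of file (image truncated or BAT oversized)")
    return findings


if __name__ == "__main__":
    good = build_dynamic_vhd(16 * 1024 * 1024, 2 * 1024 * 1024)
    forged = build_dynamic_vhd(16 * 1024 * 1024, 2 * 1024 * 1024, max_entries=0x20000000)
    print("good:", check_vhd(good))
    print("forged:", check_vhd(forged))
```

The check refuses to derive any allocation size from a header field alone: the table size must agree with the disk geometry in the footer, fit inside the file, and fit the budget, so a malformed or truncated image is reported before anything is allocated for it.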