[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH 10/43] qcow2: Prevent numerical overflow
From: |
Michael Roth |
Subject: |
[Qemu-devel] [PATCH 10/43] qcow2: Prevent numerical overflow |
Date: |
Tue, 24 Feb 2015 15:47:45 -0600 |
From: Max Reitz <address@hidden>
In qcow2_alloc_cluster_offset(), *num is limited to
INT_MAX >> BDRV_SECTOR_BITS by all callers. However, since remaining is
of type uint64_t, we might as well cast *num to that type before
performing the shift.
Cc: address@hidden
Signed-off-by: Max Reitz <address@hidden>
Reviewed-by: Kevin Wolf <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
(cherry picked from commit 11c89769dc3e638ef72915d97058411ddf79b64b)
Signed-off-by: Michael Roth <address@hidden>
---
block/qcow2-cluster.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index df0b2c9..1fea514 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -1263,7 +1263,7 @@ int qcow2_alloc_cluster_offset(BlockDriverState *bs,
uint64_t offset,
again:
start = offset;
- remaining = *num << BDRV_SECTOR_BITS;
+ remaining = (uint64_t)*num << BDRV_SECTOR_BITS;
cluster_offset = 0;
*host_offset = 0;
cur_bytes = 0;
--
1.9.1
- [Qemu-devel] Patch Round-up for stable 2.2.1, freeze on 2015-03-05, Michael Roth, 2015/02/24
- [Qemu-devel] [PATCH 09/43] iotests: Add test for unsupported image creation, Michael Roth, 2015/02/24
- [Qemu-devel] [PATCH 10/43] qcow2: Prevent numerical overflow,
Michael Roth <=
- [Qemu-devel] [PATCH 13/43] block/raw-posix: Fix ret in raw_open_common(), Michael Roth, 2015/02/24
- [Qemu-devel] [PATCH 14/43] block migration: fix return value, Michael Roth, 2015/02/24
- [Qemu-devel] [PATCH 11/43] qcow2: Flushing the caches in qcow2_close may fail, Michael Roth, 2015/02/24
- [Qemu-devel] [PATCH 16/43] qcow2.py: Add required padding for header extensions, Michael Roth, 2015/02/24
- [Qemu-devel] [PATCH 18/43] linuxboot: fix loading old kernels, Michael Roth, 2015/02/24
- [Qemu-devel] [PATCH 19/43] audio: Don't free hw resources until after hw backend is stopped, Michael Roth, 2015/02/24
- [Qemu-devel] [PATCH 17/43] block: Don't probe for unknown backing file format, Michael Roth, 2015/02/24
- [Qemu-devel] [PATCH 12/43] qcow2: Respect bdrv_truncate() error, Michael Roth, 2015/02/24
- [Qemu-devel] [PATCH 01/43] block: Make essential BlockDriver objects public, Michael Roth, 2015/02/24
- [Qemu-devel] [PATCH 25/43] vl.c: fix regression when reading machine type from config file, Michael Roth, 2015/02/24