qemu-stable
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-stable] [PATCH v3 10/13] qcow2: Prevent numerical overflow

From: Max Reitz
Subject: [Qemu-stable] [PATCH v3 10/13] qcow2: Prevent numerical overflow
Date: Tue, 2 Dec 2014 18:32:50 +0100 
In qcow2_alloc_cluster_offset(), *num is limited to
INT_MAX >> BDRV_SECTOR_BITS by all callers. However, since remaining is
of type uint64_t, we might as well cast *num to that type before
performing the shift.

Cc: address@hidden
Signed-off-by: Max Reitz <address@hidden>
Reviewed-by: Kevin Wolf <address@hidden>
---
 block/qcow2-cluster.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index df0b2c9..1fea514 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -1263,7 +1263,7 @@ int qcow2_alloc_cluster_offset(BlockDriverState *bs, 
uint64_t offset,
 
 again:
     start = offset;
-    remaining = *num << BDRV_SECTOR_BITS;
+    remaining = (uint64_t)*num << BDRV_SECTOR_BITS;
     cluster_offset = 0;
     *host_offset = 0;
     cur_bytes = 0;
-- 
1.9.3
reply via email to
[Prev in Thread] Current Thread [Next in Thread]