[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-stable] [PATCH 75/88] qcow2: Prevent numerical overflow
|
From: |
Michael Roth |
|
Subject: |
[Qemu-stable] [PATCH 75/88] qcow2: Prevent numerical overflow |
|
Date: |
Thu, 8 Jan 2015 11:34:19 -0600 |
From: Max Reitz <address@hidden>
In qcow2_alloc_cluster_offset(), *num is limited to
INT_MAX >> BDRV_SECTOR_BITS by all callers. However, since remaining is
of type uint64_t, we might as well cast *num to that type before
performing the shift.
Cc: address@hidden
Signed-off-by: Max Reitz <address@hidden>
Reviewed-by: Kevin Wolf <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
(cherry picked from commit 11c89769dc3e638ef72915d97058411ddf79b64b)
Signed-off-by: Michael Roth <address@hidden>
---
block/qcow2-cluster.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index 26827a2..769e68d 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -1202,7 +1202,7 @@ int qcow2_alloc_cluster_offset(BlockDriverState *bs,
uint64_t offset,
again:
start = offset;
- remaining = *num << BDRV_SECTOR_BITS;
+ remaining = (uint64_t)*num << BDRV_SECTOR_BITS;
cluster_offset = 0;
*host_offset = 0;
cur_bytes = 0;
--
1.9.1
- [Qemu-stable] [PATCH 76/88] qcow2: Flushing the caches in qcow2_close may fail, (continued)
- [Qemu-stable] [PATCH 76/88] qcow2: Flushing the caches in qcow2_close may fail, Michael Roth, 2015/01/08
- [Qemu-stable] [PATCH 79/88] block migration: fix return value, Michael Roth, 2015/01/08
- [Qemu-stable] [PATCH 77/88] qcow2: Respect bdrv_truncate() error, Michael Roth, 2015/01/08
- [Qemu-stable] [PATCH 78/88] block/raw-posix: Fix ret in raw_open_common(), Michael Roth, 2015/01/08
- [Qemu-stable] [PATCH 80/88] qcow2: Fix header extension size check, Michael Roth, 2015/01/08
- [Qemu-stable] [PATCH 82/88] block: Don't probe for unknown backing file format, Michael Roth, 2015/01/08
- [Qemu-stable] [PATCH 83/88] linuxboot: compute initrd loading address, Michael Roth, 2015/01/08
- [Qemu-stable] [PATCH 84/88] linuxboot: fix loading old kernels, Michael Roth, 2015/01/08
- [Qemu-stable] [PATCH 87/88] target-xtensa: test cross-page opcode, Michael Roth, 2015/01/08
- [Qemu-stable] [PATCH 85/88] audio: Don't free hw resources until after hw backend is stopped, Michael Roth, 2015/01/08
- [Qemu-stable] [PATCH 75/88] qcow2: Prevent numerical overflow,
Michael Roth <=
- [Qemu-stable] [PATCH 81/88] qcow2.py: Add required padding for header extensions, Michael Roth, 2015/01/08
- [Qemu-stable] [PATCH 86/88] target-xtensa: fix translation for opcodes crossing page boundary, Michael Roth, 2015/01/08
- [Qemu-stable] [PATCH 88/88] pc: acpi: mark all possible CPUs as enabled in SRAT, Michael Roth, 2015/01/08
- Re: [Qemu-stable] [Qemu-devel] Patch Round-up for stable 2.1.3, freeze on 2015-01-14, Marcel Apfelbaum, 2015/01/09
- Re: [Qemu-stable] Patch Round-up for stable 2.1.3, freeze on 2015-01-14, Paolo Bonzini, 2015/01/09
- Re: [Qemu-stable] [Qemu-devel] Patch Round-up for stable 2.1.3, freeze on 2015-01-14, William Dauchy, 2015/01/13
- Re: [Qemu-stable] [Qemu-devel] Patch Round-up for stable 2.1.3, freeze on 2015-01-14, Marcel Apfelbaum, 2015/01/13
- Re: [Qemu-stable] [Qemu-devel] Patch Round-up for stable 2.1.3, freeze on 2015-01-14, Michael Roth, 2015/01/13
- Re: [Qemu-stable] Patch Round-up for stable 2.1.3, freeze on 2015-01-14, Paolo Bonzini, 2015/01/13
- Re: [Qemu-stable] Patch Round-up for stable 2.1.3, freeze on 2015-01-14, Michael Roth, 2015/01/13