[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-trivial] [PULL 25/31] hw/display/framebuffer.c: Avoid overflow for
From: |
Michael Tokarev |
Subject: |
[Qemu-trivial] [PULL 25/31] hw/display/framebuffer.c: Avoid overflow for framebuffers > 4GB |
Date: |
Tue, 24 Jan 2017 12:39:29 +0300 |
From: Peter Maydell <address@hidden>
Coverity points out that calculating src_len by multiplying
src_width by rows could overflow. This can only happen in
the implausible case of a framebuffer larger than 4GB, but
we may as well fix it, placating Coverity. (CID1005515)
Signed-off-by: Peter Maydell <address@hidden>
Signed-off-by: Michael Tokarev <address@hidden>
---
hw/display/framebuffer.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/display/framebuffer.c b/hw/display/framebuffer.c
index df51358..25aa46c 100644
--- a/hw/display/framebuffer.c
+++ b/hw/display/framebuffer.c
@@ -78,7 +78,7 @@ void framebuffer_update_display(
i = *first_row;
*first_row = -1;
- src_len = src_width * rows;
+ src_len = (hwaddr)src_width * rows;
mem = mem_section->mr;
if (!mem) {
--
2.1.4
- [Qemu-trivial] [PULL 12/31] qemu-img: remove dead check, (continued)
- [Qemu-trivial] [PULL 12/31] qemu-img: remove dead check, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 09/31] object.h: spelling fix, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 01/31] doc: don't mention -memory, it is -m, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 02/31] hw/block/m25p80: Fix typo in local macro name, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 17/31] hw/i386/kvmvapic: Remove dead code in patch_hypercalls(), Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 06/31] hw: Fix typos found by codespell, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 13/31] pci-assign: avoid pointless stat, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 28/31] gdbstub.c: fix GDB connection segfault caused by empty machines, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 31/31] hw/isa/isa-bus: Set category of the "isabus-bridge" device, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 19/31] disas/cris.c: Fix Coverity warning about unchecked NULL, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 25/31] hw/display/framebuffer.c: Avoid overflow for framebuffers > 4GB,
Michael Tokarev <=
- [Qemu-trivial] [PULL 03/31] README: Add linux to macOS build info, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 30/31] usb: Set category and description of the MTP device, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 22/31] util/mmap-alloc: check parameter before using, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 16/31] doc/usb2: fix typo, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 21/31] vfio: remove a duplicated word in comments, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 05/31] include: Fix typos found by codespell, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 07/31] qemu-options: cleanup duplicated help message for kernel_irqchip, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 29/31] gdbstub.c: update old error report statements, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 27/31] scsi-disk: add 'fall through' comment to switch VERIFY cases, Michael Tokarev, 2017/01/24
- [Qemu-trivial] [PULL 18/31] lm32: milkymist-tmu2: fix another integer overflow, Michael Tokarev, 2017/01/24