[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PULL 60/73] qcow2: Prevent numerical overflow
From: |
Kevin Wolf |
Subject: |
[Qemu-devel] [PULL 60/73] qcow2: Prevent numerical overflow |
Date: |
Wed, 10 Dec 2014 11:34:26 +0100 |
From: Max Reitz <address@hidden>
In qcow2_alloc_cluster_offset(), *num is limited to
INT_MAX >> BDRV_SECTOR_BITS by all callers. However, since remaining is
of type uint64_t, we might as well cast *num to that type before
performing the shift.
Cc: address@hidden
Signed-off-by: Max Reitz <address@hidden>
Reviewed-by: Kevin Wolf <address@hidden>
Signed-off-by: Kevin Wolf <address@hidden>
---
block/qcow2-cluster.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index df0b2c9..1fea514 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -1263,7 +1263,7 @@ int qcow2_alloc_cluster_offset(BlockDriverState *bs,
uint64_t offset,
again:
start = offset;
- remaining = *num << BDRV_SECTOR_BITS;
+ remaining = (uint64_t)*num << BDRV_SECTOR_BITS;
cluster_offset = 0;
*host_offset = 0;
cur_bytes = 0;
--
1.8.3.1
- [Qemu-devel] [PULL 49/73] ide: Check validity of logical block size, (continued)
- [Qemu-devel] [PULL 49/73] ide: Check validity of logical block size, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 52/73] block: Omit bdrv_find_format for essential drivers, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 50/73] iotests: Specify qcow2 format for qemu-io in 059, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 51/73] block: Make essential BlockDriver objects public, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 53/73] block/vvfat: qcow driver may not be found, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 54/73] block/nfs: Add create_opts, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 56/73] qemu-img: Check create_opts before image creation, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 57/73] qemu-img: Check create_opts before image amendment, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 55/73] block: Check create_opts before image creation, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 58/73] iotests: Only kill NBD server if it runs, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 60/73] qcow2: Prevent numerical overflow,
Kevin Wolf <=
- [Qemu-devel] [PULL 62/73] qcow2: Respect bdrv_truncate() error, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 61/73] qcow2: Flushing the caches in qcow2_close may fail, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 65/73] block: remove BLOCK_OPT_NOCOW from vdi_create_opts, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 63/73] block/raw-posix: Fix ret in raw_open_common(), Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 66/73] block: remove BLOCK_OPT_NOCOW from vpc_create_opts, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 68/73] vmdk: Use g_random_int to generate CID, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 69/73] vmdk: Fix comment to match code of extent lines, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 71/73] vmdk: Check descriptor file length when reading it, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 70/73] vmdk: Clean up descriptor file reading, Kevin Wolf, 2014/12/10
- [Qemu-devel] [PULL 67/73] block: Use g_new0() for a bit of extra type checking, Kevin Wolf, 2014/12/10