[libvirt] [PATCH 1/4] virsh: avoid integer overflow
Eric Blake
eblake at redhat.com
Thu Jun 30 14:14:53 UTC 2011
Detected by Coverity. info.nrVirtCpu is unsigned short, but if
cpumaplen is int, then the product of the two in vshMalloc risks
unintended sign extension. cmdVcpuinfo had already solved this
by using size_t cpumaplen.
* tools/virsh.c (cmdVcpuPin): Use correct type.
---
tools/virsh.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/tools/virsh.c b/tools/virsh.c
index d15d206..643f05c 100644
--- a/tools/virsh.c
+++ b/tools/virsh.c
@@ -3025,7 +3025,7 @@ cmdVcpuPin(vshControl *ctl, const vshCmd *cmd)
bool ret = true;
unsigned char *cpumap = NULL;
unsigned char *cpumaps = NULL;
- int cpumaplen;
+ size_t cpumaplen;
bool bit, lastbit, isInvert;
int i, cpu, lastcpu, maxcpu, ncpus;
bool unuse = false;
--
1.7.4.4
More information about the libvir-list
mailing list