[libvirt] [PATCH 1/4] virsh: avoid integer overflow
Daniel P. Berrange
berrange at redhat.com
Thu Jun 30 14:25:08 UTC 2011
On Thu, Jun 30, 2011 at 08:14:53AM -0600, Eric Blake wrote:
> Detected by Coverity. info.nrVirtCpu is unsigned short, but if
> cpumaplen is int, then the product of the two in vshMalloc risks
> unintended sign extension. cmdVcpuinfo had already solved this
> by using size_t cpumaplen.
>
> * tools/virsh.c (cmdVcpuPin): Use correct type.
> ---
> tools/virsh.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/tools/virsh.c b/tools/virsh.c
> index d15d206..643f05c 100644
> --- a/tools/virsh.c
> +++ b/tools/virsh.c
> @@ -3025,7 +3025,7 @@ cmdVcpuPin(vshControl *ctl, const vshCmd *cmd)
> bool ret = true;
> unsigned char *cpumap = NULL;
> unsigned char *cpumaps = NULL;
> - int cpumaplen;
> + size_t cpumaplen;
> bool bit, lastbit, isInvert;
> int i, cpu, lastcpu, maxcpu, ncpus;
> bool unuse = false;
ACK
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list