[libvirt] [PATCH v2] qemu: Check the unsigned integer overflow
Osier Yang
jyang at redhat.com
Wed Mar 9 08:34:42 UTC 2011
As perhaps other hypervisor drivers use different capacity units,
do the checking in qemu driver instead of in conf/domain_conf.c.
---
src/qemu/qemu_command.c | 14 ++++++++++++++
1 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 198a4e2..59fd2ac 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -1933,6 +1933,13 @@ qemuBuildVideoDevStr(virDomainVideoDefPtr video,
virBufferVSprintf(&buf, ",id=%s", video->info.alias);
if (video->type == VIR_DOMAIN_VIDEO_TYPE_QXL) {
+ if (video->vram > (UINT_MAX / 1024)) {
+ qemuReportError(VIR_ERR_INTERNAL_ERROR,
+ _("value for 'vram' must be less than '%u'"),
+ UINT_MAX / 1024);
+ goto error;
+ }
+
/* QEMU accepts bytes for vram_size. */
virBufferVSprintf(&buf, ",vram_size=%u", video->vram * 1024);
}
@@ -4043,6 +4050,13 @@ qemuBuildCommandLine(virConnectPtr conn,
if (def->videos[0]->type == VIR_DOMAIN_VIDEO_TYPE_QXL) {
if (def->videos[0]->vram &&
qemuCapsGet(qemuCaps, QEMU_CAPS_DEVICE)) {
+ if (def->videos[0]->vram > (UINT_MAX / 1024)) {
+ qemuReportError(VIR_ERR_INTERNAL_ERROR,
+ _("value for 'vram' must be less than '%u'"),
+ UINT_MAX / 1024);
+ goto error;
+ }
+
if (qemuCapsGet(qemuCaps, QEMU_CAPS_DEVICE_QXL_VGA))
virCommandAddArgFormat(cmd, "-global qxl-vga.vram_size=%u",
def->videos[0]->vram * 1024);
--
1.7.4
More information about the libvir-list
mailing list