[libvirt] [PATCH 1/2] qemu-JSON: Error out if number is out of range instead of overflowing to negative

[Peter Krempa]

Commit 78eb8b60d59662271c4a9a1be8c9002ee84dc8cf works around qemu's inability to
parse unsigned 64 bit integers by representing them as signed. This introduces a
bug where if the requested integer is greater than LLONG_MAX the result is
wrapped to negative numbers.

This patch adds a check to avoid the wrap for unsigned numbers and error out
rather than passing them along.
---
 src/qemu/qemu_monitor_json.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 1bf8baf..6cc21ee 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -460,10 +460,16 @@ qemuMonitorJSONMakeCommandRaw(bool wrap, const char *cmdname, ...)
         case 'U': {
             /* qemu silently truncates numbers larger than LLONG_MAX,
              * so passing the full range of unsigned 64 bit integers
-             * is not safe here.  Pass them as signed 64 bit integers
-             * instead.
+             * is not safe here.  Limit them to LLONG_MAX.
              */
             long long val = va_arg(args, long long);
+            if (val < 0) {
+                virReportError(VIR_ERR_OVERFLOW,
+                               _("Value of '%s' can't be represented in JSON: "
+                                 "value too big (%llu > %lld)"),
+                               key, val, LLONG_MAX);
+                goto error;
+            }
             ret = virJSONValueObjectAppendNumberLong(jargs, key, val);
         }   break;
         case 'd': {
-- 
1.8.1.5