[libvirt] [PATCH] util: fix off-by-one when expanding a bitmap

Ján Tomko jtomko at redhat.com
Mon Jan 30 15:19:55 UTC 2017


To make sure bit 'b' fits into the bitmap, we need to allocate b+1
bits, since we number from 0.

Adjust the bitmap test to use a multiple of 8 to catch this
invalid write.
---
 src/util/virbitmap.c  | 2 +-
 tests/virbitmaptest.c | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/util/virbitmap.c b/src/util/virbitmap.c
index 0c04f1a..1b47d74 100644
--- a/src/util/virbitmap.c
+++ b/src/util/virbitmap.c
@@ -187,7 +187,7 @@ int virBitmapSetBit(virBitmapPtr bitmap, size_t b)
  */
 static int virBitmapExpand(virBitmapPtr map, size_t b)
 {
-    size_t new_len = VIR_DIV_UP(b, VIR_BITMAP_BITS_PER_UNIT);
+    size_t new_len = VIR_DIV_UP(b + 1, VIR_BITMAP_BITS_PER_UNIT);
 
     /* resize the memory if necessary */
     if (map->map_len < new_len) {
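Review bot: the new `b + 1` in the `new_len` computation has no guard against `b == SIZE_MAX`. In that case the sum wraps to 0 and, assuming VIR_DIV_UP is a plain round-up division, `new_len` becomes 0, so the `if (map->map_len < new_len)` resize branch is skipped and nothing is allocated for the requested bit. It is an unlikely input, but a check such as `if (b == SIZE_MAX) return -1;` before the computation would close it. A short comment on the line saying that `b` is a zero-based bit index rather than a bit count would also help keep the `+ 1` from being dropped in a later cleanup.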
diff --git a/tests/virbitmaptest.c b/tests/virbitmaptest.c
index a17ef82..c2a06df 100644
--- a/tests/virbitmaptest.c
+++ b/tests/virbitmaptest.c
@@ -639,15 +639,15 @@ test12(const void *opaque ATTRIBUTE_UNUSED)
 
     TEST_MAP(0, "");
 
-    if (virBitmapSetBitExpand(map, 100) < 0)
+    if (virBitmapSetBitExpand(map, 120) < 0)
         goto cleanup;
 
-    TEST_MAP(101, "100");
+    TEST_MAP(121, "120");
 
     if (virBitmapClearBitExpand(map, 150) < 0)
         goto cleanup;
 
-    TEST_MAP(151, "100");
+    TEST_MAP(151, "120");
 
     virBitmapFree(map);
     if (virBitmapParseUnlimited("34,1023", &map) < 0)
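Review bot: the new value 120 in `virBitmapSetBitExpand(map, 120)` is a multiple of 8, but the length in virBitmapExpand is rounded up in units of VIR_BITMAP_BITS_PER_UNIT, not bytes. If that unit is wider than 8 bits, 120 is not on a unit boundary, and the old `VIR_DIV_UP(b, ...)` would still have allocated enough units to hold bit 120, so the test would pass with or without the fix. Consider a value that is a multiple of the unit itself, for example 128, or one derived from VIR_BITMAP_BITS_PER_UNIT if the test can see it, with the `TEST_MAP` expectations adjusted to match. It would also be worth stating in the commit message which check is expected to flag the invalid write, since the visible assertions only compare the size and the formatted string.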
-- 
2.10.2



