On 09/11/2014 06:06 PM, John Ferlan wrote: > Coverity complains that the condition "size + 1 == 0" cannot happen. > Since 'size' is unsigned 32bit value set using virReadBufInt32BE. > Thus rather than + 1, it seems the comparison should be is it at > max now and if so, return the failure. > > Signed-off-by: John Ferlan <jferlan@xxxxxxxxxx> > --- > src/util/virstoragefile.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c > index 299edcd..0219ce8 100644 > --- a/src/util/virstoragefile.c > +++ b/src/util/virstoragefile.c > @@ -393,7 +393,7 @@ qcowXGetBackingStore(char **res, > } > if (offset + size > buf_size || offset + size < offset) > return BACKING_STORE_INVALID; > - if (size + 1 == 0) > + if (size == UINT_MAX) Is this dead code? After all, we just checked that offset+size is not larger than buf_size (and buf_size is smaller than UINT_MAX); and also that offset+size didn't overflow. > return BACKING_STORE_INVALID; > if (VIR_ALLOC_N(*res, size + 1) < 0) > return BACKING_STORE_ERROR; > -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list