On Mon, Jan 30, 2017 at 04:19:55PM +0100, Ján Tomko wrote:
To make sure bit 'b' fits into the bitmap, we need to allocate b+1 bits, since we number from 0. Adjust the bitmap test to use a multiple of 8 to catch this invalid write.
If I apply only the test hunks and not the actual fix, the tests don't fail for me. Am I missing something? If yes, it'd be nice to add it to the commit message.
---
src/util/virbitmap.c | 2 +-
tests/virbitmaptest.c | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/util/virbitmap.c b/src/util/virbitmap.c
index 0c04f1a..1b47d74 100644
--- a/src/util/virbitmap.c
+++ b/src/util/virbitmap.c
@@ -187,7 +187,7 @@ int virBitmapSetBit(virBitmapPtr bitmap, size_t b)
*/
static int virBitmapExpand(virBitmapPtr map, size_t b)
{
- size_t new_len = VIR_DIV_UP(b, VIR_BITMAP_BITS_PER_UNIT);
+ size_t new_len = VIR_DIV_UP(b + 1, VIR_BITMAP_BITS_PER_UNIT);
/* resize the memory if necessary */
if (map->map_len < new_len) {
diff --git a/tests/virbitmaptest.c b/tests/virbitmaptest.c
index a17ef82..c2a06df 100644
--- a/tests/virbitmaptest.c
+++ b/tests/virbitmaptest.c
@@ -639,15 +639,15 @@ test12(const void *opaque ATTRIBUTE_UNUSED)
TEST_MAP(0, "");
- if (virBitmapSetBitExpand(map, 100) < 0)
+ if (virBitmapSetBitExpand(map, 120) < 0)
goto cleanup;
- TEST_MAP(101, "100");
+ TEST_MAP(121, "120");
if (virBitmapClearBitExpand(map, 150) < 0)
goto cleanup;
- TEST_MAP(151, "100");
+ TEST_MAP(151, "120");
virBitmapFree(map);
if (virBitmapParseUnlimited("34,1023", &map) < 0)
--
2.10.2
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
Attachment:
signature.asc
Description: Digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
