If the function is called with maxlen equal to `INT_MAX`, adding one will trigger a signed integer overflow.

Signed-off-by: Tim Wiederhake <twiederh@xxxxxxxxxx>
---
 src/util/virfile.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/util/virfile.c b/src/util/virfile.c
index 723e1ca6e5..ad491251a2 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -1422,7 +1422,7 @@ virFileReadLimFD(int fd, int maxlen, char **buf)
 errno = EINVAL;
 return -1;
 }
- s = saferead_lim(fd, maxlen+1, &len);
+ s = saferead_lim(fd, (size_t) maxlen + 1, &len);
 if (s == NULL)
 return -1;
 if (len > maxlen || (int)len != len) {
-- 
2.31.1
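Review bot: The length check two lines below the changed call, `if (len > maxlen || (int)len != len) {`, still compares `len` (presumably a `size_t`, since it is filled in next to a size_t limit) against the signed `maxlen` through an implicit conversion. Both that comparison and the new `(size_t) maxlen + 1` are only correct when `maxlen` is positive; a negative value would turn into a very large read limit. The `errno = EINVAL; return -1;` branch above looks like that guard, but its condition lies outside the hunk, as do the start and end of `virFileReadLimFD`, so it is worth confirming that it rejects `maxlen <= 0`. I would make the conversion explicit to match the new call, `if (len > (size_t) maxlen || (int)len != len) {`, and add a comment above the call such as `/* Ask for one byte more than maxlen so over-long input is detected below; maxlen > 0 is checked above, so the cast cannot wrap. */`.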