On 06/07/2011 07:34 AM, Matthias Bolte wrote:
> 2011/6/6 Eric Blake <eblake@xxxxxxxxxx>:
>> Detected by Coverity. The code was doing math on shifted unsigned
>> char (which promotes to int), then promoting that to unsigned long
>> during assignment to size. On 64-bit platforms, this risks sign
>> extending values of size > 2GiB. Bug present since commit
>> 489fd3 (v0.6.0).
>>
>> +#include <stdint.h>
>> #ifdef __linux__
>> # if HAVE_LINUX_MAGIC_H
>> # include <linux/magic.h>
>> @@ -274,7 +275,7 @@ qcowXGetBackingStore(char **res,
>> bool isQCow2)
>> {
>> unsigned long long offset;
>> - unsigned long size;
>> + uint32_t size;
>>
>> *res = NULL;
>> if (format)
>
> Using unsigned int instead of uint32_t would also work and avoid
> stdint.h types that the libvirt codebase avoids.
Sure, I'll push with that tweak.
--
Eric Blake eblake@xxxxxxxxxx +1-801-349-2682
Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list