On 01/30/2013 12:36 PM, John Ferlan wrote:
> The Coverity analysis emitted a BAD_SIZEOF error when doing the math
> within the TRACE macro. Doing the math outside the macro keeps Coverity quiet.
> ---
> src/rpc/virkeepalive.c | 14 +++++++-------
> 1 file changed, 7 insertions(+), 7 deletions(-)
>
> time_t now = time(NULL);
> + int timeval;
>
> if (ka->interval <= 0 || ka->intervalStart == 0)
> return false;
>
> if (now - ka->intervalStart < ka->interval) {
> - int timeout = ka->interval - (now - ka->intervalStart);
> - virEventUpdateTimeout(ka->timer, timeout * 1000);
> + timeval = ka->interval - (now - ka->intervalStart);
> + virEventUpdateTimeout(ka->timer, timeval * 1000);
> return false;
Eww - pre-existing bug, but we have the potential for multiplication
overflow, and for truncation if time_t is wider than int. We probably
ought to do a followup code to make this math more robust (by rejecting
any timeval input from the user that exceeds MAX_INT/1000). But that
doesn't affect Osier's ACK for this patch.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list