summaryrefslogtreecommitdiff
path: root/include/fpu
diff options
context:
space:
mode:
authorMax Reitz <mreitz@redhat.com>2016-06-20 16:26:23 +0200
committerMax Reitz <mreitz@redhat.com>2016-07-13 13:41:38 +0200
commitc834cba90521576224c30b15ebb4d6aeab7b42c4 (patch)
tree1b43ac7b6bcbf994e04065fcb3287ae574760c7a /include/fpu
parenta367467995d0528fe591d87ca2e437c7b7d7951b (diff)
downloadqemu-c834cba90521576224c30b15ebb4d6aeab7b42c4.tar.gz
qemu-c834cba90521576224c30b15ebb4d6aeab7b42c4.tar.bz2
qemu-c834cba90521576224c30b15ebb4d6aeab7b42c4.zip
qcow2: Fix qcow2_get_cluster_offset()
Recently, qcow2_get_cluster_offset() has been changed to work with bytes instead of sectors. This invalidated some assertions and introduced a possible integer multiplication overflow. This could be reproduced using e.g. $ qemu-img create -f qcow2 -o cluster_size=1M blub.qcow2 8G Formatting 'foo.qcow2', fmt=qcow2 size=8589934592 encryption=off cluster_size=1048576 lazy_refcounts=off refcount_bits=16 $ qemu-io -c map blub.qcow2 qemu-io: qemu/block/qcow2-cluster.c:504: qcow2_get_cluster_offset: Assertion `bytes_needed <= INT_MAX' failed. [1] 20775 abort (core dumped) qemu-io -c map foo.qcow2 This patch removes the now wrong assertion, adding comments and more assertions to prove its correctness (and fixing the overflow which would become apparent with the original assertion removed). Signed-off-by: Max Reitz <mreitz@redhat.com> Message-id: 20160620142623.24471-3-mreitz@redhat.com Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Max Reitz <mreitz@redhat.com>
Diffstat (limited to 'include/fpu')
0 files changed, 0 insertions, 0 deletions