[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH v2 2/2] hvmloader: use bound checking in get_module_entry
Coverity complains: overflow_before_widen: Potentially overflowing expression info->nr_modules * 32U with type unsigned int (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type uint64_t (64 bits, unsigned). The overflow is unlikely to happen in reality because we only expect a few modules. Fix that by converting the check to use bound checking to placate Coverity. Signed-off-by: Wei Liu <wei.liu2@xxxxxxxxxx> --- tools/firmware/hvmloader/hvmloader.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/firmware/hvmloader/hvmloader.c b/tools/firmware/hvmloader/hvmloader.c index 7b32d86..bbd4e34 100644 --- a/tools/firmware/hvmloader/hvmloader.c +++ b/tools/firmware/hvmloader/hvmloader.c @@ -272,8 +272,8 @@ const struct hvm_modlist_entry *get_module_entry( if ( !modlist || info->modlist_paddr > UINTPTR_MAX || - (info->modlist_paddr + info->nr_modules * sizeof(*modlist) - 1) - > UINTPTR_MAX ) + (UINTPTR_MAX - (uintptr_t)info->modlist_paddr) / sizeof(*modlist) + < info->nr_modules ) return NULL; for ( i = 0; i < info->nr_modules; i++ ) -- 2.1.4 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |