block: Detect multiplication overflow in bdrv_getlength

Bogus image may have a large total_sectors that will overflow the multiplication. For cleanness, fix the return code so the error message will be meaningful. Reported-by: Richard W.M. Jones <rjones@redhat.com> Signed-off-by: Fam Zheng <famz@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
author: Fam Zheng 2015-05-15 10:36:05 +0200
committer: Kevin Wolf 2015-05-22 17:08:01 +0200
commit: 4a9c9ea0d318bec2f67848c5ceaf4ad5bcb91d09 (patch)
tree: 9802cb9b558882a5df9c4de016c937d3047572f4
parent: qemu-io: Use getopt() correctly (diff)
download: qemu-4a9c9ea0d318bec2f67848c5ceaf4ad5bcb91d09.tar.gz
qemu-4a9c9ea0d318bec2f67848c5ceaf4ad5bcb91d09.tar.xz
qemu-4a9c9ea0d318bec2f67848c5ceaf4ad5bcb91d09.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/block.c b/block.c
index 325f7272fe..f42d70e791 100644
--- a/block.c
+++ b/block.c
@@ -2341,6 +2341,7 @@ int64_t bdrv_getlength(BlockDriverState *bs)
 {
     int64_t ret = bdrv_nb_sectors(bs);
 
+    ret = ret > INT64_MAX / BDRV_SECTOR_SIZE ? -EFBIG : ret;
     return ret < 0 ? ret : ret * BDRV_SECTOR_SIZE;
 }
author	Fam Zheng	2015-05-15 10:36:05 +0200
committer	Kevin Wolf	2015-05-22 17:08:01 +0200
commit	4a9c9ea0d318bec2f67848c5ceaf4ad5bcb91d09 (patch)
tree	9802cb9b558882a5df9c4de016c937d3047572f4
parent	qemu-io: Use getopt() correctly (diff)
download	qemu-4a9c9ea0d318bec2f67848c5ceaf4ad5bcb91d09.tar.gz qemu-4a9c9ea0d318bec2f67848c5ceaf4ad5bcb91d09.tar.xz qemu-4a9c9ea0d318bec2f67848c5ceaf4ad5bcb91d09.zip