[Qemu-devel] [PATCH for 2.10 02/35] loader: check get_image_size() return value

Philippe Mathieu-Daudé posted 35 patches 8 years, 3 months ago
There is a newer version of this series
[Qemu-devel] [PATCH for 2.10 02/35] loader: check get_image_size() return value
Posted by Philippe Mathieu-Daudé 8 years, 3 months ago
since a negative value means it errored.

hw/core/loader.c:149:9: warning: Loss of sign in implicit conversion
    if (size > max_sz) {
        ^~~~
hw/core/loader.c:171:9: warning: Loss of sign in implicit conversion
    if (size > memory_region_size(mr)) {
        ^~~~

Reported-by: Clang Static Analyzer
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
---
 hw/core/loader.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/core/loader.c b/hw/core/loader.c
index c17ace0a2e..4bb176f284 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -146,7 +146,7 @@ int load_image_targphys_as(const char *filename,
     int size;
 
     size = get_image_size(filename);
-    if (size > max_sz) {
+    if (size < 0 || size > max_sz) {
         return -1;
     }
     if (size > 0) {
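Review bot: the explicit "size < 0 ||" test in load_image_targphys_as is the right fix, but the commit message should say that it does not change behaviour: the old "if (size > max_sz)" already rejected a negative size by accident, because the int is promoted to the unsigned type of the other operand (which is exactly the "Loss of sign in implicit conversion" the warning reports) and -1 turns into a huge value that exceeds max_sz. Stating that the patch makes the intent explicit rather than fixing a missed error path saves a reader from hunting for a bug that was never reachable.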
@@ -168,7 +168,7 @@ int load_image_mr(const char *filename, MemoryRegion *mr)
 
     size = get_image_size(filename);
 
-    if (size > memory_region_size(mr)) {
+    if (size < 0 || size > memory_region_size(mr)) {
         return -1;
     }
     if (size > 0) {
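Review bot: same pattern in load_image_mr, and the same remark applies; one further point is that both a get_image_size() failure and an image larger than memory_region_size(mr) now fall through the single "return -1;", so callers cannot tell an unreadable file from an oversized one. That matches the existing contract of this function, so no change is needed here, but if a later patch wants callers to distinguish the two cases it should return separate error codes rather than rely on these checks.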
-- 
2.13.3


Re: [Qemu-devel] [PATCH for 2.10 02/35] loader: check get_image_size() return value
Posted by Eric Blake 8 years, 3 months ago
On 07/24/2017 01:27 PM, Philippe Mathieu-Daudé wrote:
> since a negative value means it errored.
> 
> hw/core/loader.c:149:9: warning: Loss of sign in implicit conversion
>     if (size > max_sz) {
>         ^~~~
> hw/core/loader.c:171:9: warning: Loss of sign in implicit conversion
>     if (size > memory_region_size(mr)) {
>         ^~~~
> 
> Reported-by: Clang Static Analyzer
> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
> ---
>  hw/core/loader.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)

Reviewed-by: Eric Blake <eblake@redhat.com>

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

Re: [Qemu-devel] [PATCH for 2.10 02/35] loader: check get_image_size() return value
Posted by Alistair Francis 8 years, 3 months ago
On Mon, Jul 24, 2017 at 11:38 AM, Eric Blake <eblake@redhat.com> wrote:
> On 07/24/2017 01:27 PM, Philippe Mathieu-Daudé wrote:
>> since a negative value means it errored.
>>
>> hw/core/loader.c:149:9: warning: Loss of sign in implicit conversion
>>     if (size > max_sz) {
>>         ^~~~
>> hw/core/loader.c:171:9: warning: Loss of sign in implicit conversion
>>     if (size > memory_region_size(mr)) {
>>         ^~~~
>>
>> Reported-by: Clang Static Analyzer
>> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
>> ---
>>  hw/core/loader.c | 4 ++--
>>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> Reviewed-by: Eric Blake <eblake@redhat.com>

Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>

Thanks,
Alistair

>
> --
> Eric Blake, Principal Software Engineer
> Red Hat, Inc.           +1-919-301-3266
> Virtualization:  qemu.org | libvirt.org
>