diff options
author | Markus Armbruster <armbru@redhat.com> | 2011-11-22 09:46:04 +0100 |
---|---|---|
committer | Anthony Liguori <aliguori@us.ibm.com> | 2011-11-28 16:20:52 -0600 |
commit | 45009a3087b4acd8b1c91fcd0b1ee723ac3b0aec (patch) | |
tree | 099d7eb5b00d02ea24d403d6c3ccb5327a2e82ce | |
parent | 961b42b9dc858936f32effc3f47c76b1c4e7de56 (diff) | |
download | qemu-45009a3087b4acd8b1c91fcd0b1ee723ac3b0aec.zip qemu-45009a3087b4acd8b1c91fcd0b1ee723ac3b0aec.tar.gz qemu-45009a3087b4acd8b1c91fcd0b1ee723ac3b0aec.tar.bz2 |
x86/cpuid: Tighten parsing of tsc_freq=FREQ
cpu_x86_find_by_name() uses strtosz_suffix_unit(), but screws up the
error checking. It detects some failures, but not all. Undetected
failures result in a zero tsc_khz value (error value -1 divided by
1000), which means "no tsc_freq set".
To reproduce, try "-cpu qemu64,tsc_freq=9999999T".
strtosz_suffix_unit() fails, because the value overflows int64_t,
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-rw-r--r-- | target-i386/cpuid.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/target-i386/cpuid.c b/target-i386/cpuid.c index 9fc9769..0b3af90 100644 --- a/target-i386/cpuid.c +++ b/target-i386/cpuid.c @@ -711,7 +711,7 @@ static int cpu_x86_find_by_name(x86_def_t *x86_cpu_def, const char *cpu_model) tsc_freq = strtosz_suffix_unit(val, &err, STRTOSZ_DEFSUFFIX_B, 1000); - if (!*val || *err) { + if (tsc_freq < 0 || *err) { fprintf(stderr, "bad numerical value %s\n", val); goto error; } |