author | Paolo Bonzini <pbonzini@redhat.com> | 2013-01-22 15:01:12 +0100 |
---|---|---|
committer | Kevin Wolf <kwolf@redhat.com> | 2013-01-25 18:18:35 +0100 |
commit | 1b0952445522af73b0e78420a9078b3653923703 (patch) | |
tree | b736c93c1884f518c567d4ff3bd7dc9199ec4948 /util/hbitmap.c | |
parent | 88ff0e48eedd679a9dc1122676d8aa29f8d07571 (diff) | |
hbitmap: add assertion on hbitmap_iter_init
hbitmap_iter_init causes an out-of-bounds access when the "first"
argument is greater than or equal to the size of the bitmap.
Forbid this with an assertion, and remove the failing testcase.
Reported-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Diffstat (limited to 'util/hbitmap.c')
-rw-r--r-- | util/hbitmap.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/util/hbitmap.c b/util/hbitmap.c index fb7e01e..2aa487d 100644 --- a/util/hbitmap.c +++ b/util/hbitmap.c @@ -147,6 +147,7 @@ void hbitmap_iter_init(HBitmapIter *hbi, const HBitmap *hb, uint64_t first) hbi->hb = hb; pos = first >> hb->granularity; + assert(pos < hb->size); hbi->pos = pos >> BITS_PER_LEVEL; hbi->granularity = hb->granularity; |
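Review bot: The new `assert(pos < hb->size)` placed after `pos = first >> hb->granularity` guards the out-of-bounds access only in builds where assertions are compiled in; with NDEBUG defined the check disappears and the access described in the commit message is reachable again. Where assertions are active, an out-of-range `first` now aborts the process, so any caller whose `first` is computed from external or untrusted input should range-check it before calling rather than rely on this line. A one-line comment next to the assertion would also help, stating that `pos` is compared after the granularity shift and that `hb->size` is expected to be in those same units, and the precondition on `first` should be spelled out wherever hbitmap_iter_init is documented.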