qcow: Avoid overflow when taking ceiling of division

The extra % operation will be slower, but none of these divisions are in hot paths. They are only used during setup. Many of these operations take untrusted input from the disk file, so need to be hardened. BUG=979458 TEST=unit tests still pass Signed-off-by: Dylan Reid <dgreid@chromium.org> Change-Id: I0e93c73b345faf643da53ea41bde3349d756bdc7 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1679891 Reviewed-by: Daniel Verkamp <dverkamp@chromium.org> Tested-by: kokoro <noreply+kokoro@google.com> (cherry picked from crosvm commit eecbccc4d9d70b2fd63681a2b3ced6a6aafe81bb) Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2025-01-21 20:15:21 +00:00 · 2019-06-28 15:19:43 +10:00 · 2019-06-28 15:19:43 +10:00 · 20f8d8d700
commit 20f8d8d700
parent 4ba1d2274e
1 changed files with 2 additions and 2 deletions
--- a/qcow/src/qcow.rs
+++ b/qcow/src/qcow.rs
@ -1542,12 +1542,12 @@ fn offset_is_cluster_boundary(offset: u64, cluster_bits: u32) -> Result<()> {

 // Ceiling of the division of `dividend`/`divisor`.
 fn div_round_up_u64(dividend: u64, divisor: u64) -> u64 {
-    (dividend + divisor - 1) / divisor
+    dividend / divisor + if dividend % divisor != 0 { 1 } else { 0 }
 }

 // Ceiling of the division of `dividend`/`divisor`.
 fn div_round_up_u32(dividend: u32, divisor: u32) -> u32 {
-    (dividend + divisor - 1) / divisor
+    dividend / divisor + if dividend % divisor != 0 { 1 } else { 0 }
 }

 fn convert_copy<R, W>(reader: &mut R, writer: &mut W, offset: u64, size: u64) -> Result<()>