External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-02-21 19:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

virconf: Properly fix numeric overflow when parsing numbers in conf files

Browse Source 
The previous fix didn't check the overflow in addition. Use the new
macro to check both multiplication and addition overflows.

Fixes: 8666523b7d0891c38a7c9c138c4cc318eddfefeb
Closes: https://gitlab.com/libvirt/libvirt/-/issues/671
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
This commit is contained in:
Peter Krempa 2024-09-09 16:46:08 +02:00 committed by Pavel Hrdina
parent 23cb613606
commit a9ede822da
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/util/virconf.c
View File

@ -347,13 +347,15 @@ virConfParseLong(virConfParserCtxt *ctxt, long long *val)
return -1;
}
while ((ctxt->cur < ctxt->end) && (g_ascii_isdigit(CUR))) {
if (l > LLONG_MAX / 10) {
long long c = (CUR - '0');
if (VIR_MULTIPLY_ADD_IS_OVERFLOW(LLONG_MAX, l, 10, c)) {
virConfError(ctxt, VIR_ERR_OVERFLOW,
_("numeric overflow in conf value"));
return -1;
}
l = l * 10 + (CUR - '0');
l = l * 10 + c;
NEXT;
}
if (neg)