Commit c2551b47 authored by Kevin Wolf's avatar Kevin Wolf
Browse files

qcow2: Fix potential qemu-img check crash on 32 bit hosts 



This crash was caught with qemu-iotests test case 138.

Commit b6d36def already fixed a few 32 bit truncation bugs that could
cause qemu-img check to allocate too little memory and consequently
it would segfault. On 32 bit hosts, there is one more place that needs
to be fixed because size_t was involved in the calculation and is a
32 bit type there.

Cc: qemu-stable@nongnu.org
Reported-by: default avatarMichael S. Tsirkin <mst@redhat.com>
Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
Tested-by: default avatarMichael S. Tsirkin <mst@redhat.com>
parent 9d7b969e

block/qcow2-refcount.c

+1 −1
Original line number Diff line number Diff line
@@ -1244,7 +1244,7 @@ fail: 
/* refcount checking functions */





static size_t refcount_array_byte_size(BDRVQcow2State *s, uint64_t entries)

static uint64_t refcount_array_byte_size(BDRVQcow2State *s, uint64_t entries)

{

    /* This assertion holds because there is no way we can address more than

     * 2^(64 - 9) clusters at once (with cluster size 512 = 2^9, and because