virtio-balloon: Tweak recent fix for integer overflow

Commit 1f9296b avoids "other kinds of overflow" by limiting the polling interval to UINT_MAX. The computations to protect are done in 64 bits. This is indeed safe when unsigned is 32 bits, as it commonly is. It isn't when unsigned is 64 bits. Purely theoretical; I'm not aware of such a system. Limit it to UINT32_MAX instead. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2014-10-01 18:43:44 +02:00 · 2014-10-01 18:43:44 +02:00 · 22644cd2c6
parent e40830afa1
commit 22644cd2c6
1 changed files with 1 additions and 1 deletions
--- a/hw/virtio/virtio-balloon.c
+++ b/hw/virtio/virtio-balloon.c
@ -170,7 +170,7 @@ static void balloon_stats_set_poll_interval(Object *obj, struct Visitor *v,
        return;
    }

-    if (value > UINT_MAX) {
+    if (value > UINT32_MAX) {
        error_setg(errp, "timer value is too big");
        return;
    }