virtio-balloon: Tweak recent fix for integer overflow

Commit 1f9296b avoids "other kinds of overflow" by limiting the polling interval to UINT_MAX. The computations to protect are done in 64 bits. This is indeed safe when unsigned is 32 bits, as it commonly is. It isn't when unsigned is 64 bits. Purely theoretical; I'm not aware of such a system. Limit it to UINT32_MAX instead. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
author: Markus Armbruster <armbru@redhat.com> 2014-10-01 18:43:44 +0200
committer: Luiz Capitulino <lcapitulino@redhat.com> 2014-10-23 09:01:29 -0400
commit: 22644cd2c60151a964d9505f4c5f7baf845f20d8 (patch)
tree: 4230598ad3928d3db3412fbcb304e48baa1b66a6
parent: e40830afa1cff3ffdc37bdfdd40d80860074636c (diff)
download: qemu-22644cd2c60151a964d9505f4c5f7baf845f20d8.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/hw/virtio/virtio-balloon.c b/hw/virtio/virtio-balloon.c
index b5cf7cacc0..7bfbb75ad3 100644
--- a/hw/virtio/virtio-balloon.c
+++ b/hw/virtio/virtio-balloon.c
@@ -170,7 +170,7 @@ static void balloon_stats_set_poll_interval(Object *obj, struct Visitor *v,
         return;
     }
 
-    if (value > UINT_MAX) {
+    if (value > UINT32_MAX) {
         error_setg(errp, "timer value is too big");
         return;
     }
author	Markus Armbruster <armbru@redhat.com>	2014-10-01 18:43:44 +0200
committer	Luiz Capitulino <lcapitulino@redhat.com>	2014-10-23 09:01:29 -0400
commit	22644cd2c60151a964d9505f4c5f7baf845f20d8 (patch)
tree	4230598ad3928d3db3412fbcb304e48baa1b66a6
parent	e40830afa1cff3ffdc37bdfdd40d80860074636c (diff)
download	qemu-22644cd2c60151a964d9505f4c5f7baf845f20d8.tar.gz