hbitmap: add assertion on hbitmap_iter_init

hbitmap_iter_init causes an out-of-bounds access when the "first" argument is or greater than or equal to the size of the bitmap. Forbid this with an assertion, and remove the failing testcase. Reported-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
author: Paolo Bonzini <pbonzini@redhat.com> 2013-01-22 15:01:12 +0100
committer: Kevin Wolf <kwolf@redhat.com> 2013-01-25 18:18:35 +0100
commit: 1b0952445522af73b0e78420a9078b3653923703 (patch)
tree: b736c93c1884f518c567d4ff3bd7dc9199ec4948 /include
parent: 88ff0e48eedd679a9dc1122676d8aa29f8d07571 (diff)
download: qemu-1b0952445522af73b0e78420a9078b3653923703.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/include/qemu/hbitmap.h b/include/qemu/hbitmap.h
index 7ddfb66808..73f5d1d8d3 100644
--- a/include/qemu/hbitmap.h
+++ b/include/qemu/hbitmap.h
@@ -128,7 +128,8 @@ void hbitmap_free(HBitmap *hb);
  * hbitmap_iter_init:
  * @hbi: HBitmapIter to initialize.
  * @hb: HBitmap to iterate on.
- * @first: First bit to visit (0-based).
+ * @first: First bit to visit (0-based, must be strictly less than the
+ * size of the bitmap).
  *
  * Set up @hbi to iterate on the HBitmap @hb.  hbitmap_iter_next will return
  * the lowest-numbered bit that is set in @hb, starting at @first.
author	Paolo Bonzini <pbonzini@redhat.com>	2013-01-22 15:01:12 +0100
committer	Kevin Wolf <kwolf@redhat.com>	2013-01-25 18:18:35 +0100
commit	1b0952445522af73b0e78420a9078b3653923703 (patch)
tree	b736c93c1884f518c567d4ff3bd7dc9199ec4948 /include
parent	88ff0e48eedd679a9dc1122676d8aa29f8d07571 (diff)
download	qemu-1b0952445522af73b0e78420a9078b3653923703.tar.gz