[libvirt] [PATCH] keepalive: Guard against integer overflow

John Ferlan jferlan at redhat.com
Wed Feb 20 20:51:37 UTC 2013


Don't allow interval to be > MAX_INT/1000 in virKeepAliveStart()

Guard against possible overflow in virKeepAliveTimeout() by setting the 
timeout to be MAX_INT/1000 since the math following will multiply it by 1000.

This is a follow-up of sorts from a Coverity change made last month:

https://www.redhat.com/archives/libvir-list/2013-January/msg02267.html

where it was noted that the timeout value math needed overflow protection.

---
 src/rpc/virkeepalive.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/rpc/virkeepalive.c b/src/rpc/virkeepalive.c
index d1fa642..6d69559 100644
--- a/src/rpc/virkeepalive.c
+++ b/src/rpc/virkeepalive.c
@@ -252,6 +252,12 @@ virKeepAliveStart(virKeepAlivePtr ka,
                            _("keepalive interval already set"));
             goto cleanup;
         }
+        /* Guard against overflow */
+        if (interval > INT_MAX / 1000) {
+            virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                           _("keepalive interval too large"));
+            goto cleanup;
+        }
         ka->interval = interval;
         ka->count = count;
         ka->countToDeath = count;
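Review bot: the new `if (interval > INT_MAX / 1000)` check in virKeepAliveStart() reports VIR_ERR_INTERNAL_ERROR with a message that gives neither the rejected value nor the limit. The interval looks like a value handed in by the caller, so an invalid-argument error (VIR_ERR_INVALID_ARG) would describe the failure better, and the message would be more useful if it included the interval and the maximum accepted. The literal 1000 also appears in both hunks and again in the multiplication the commit message refers to. A single named constant for the seconds-to-milliseconds factor would keep the guard and the arithmetic it protects from drifting apart. The comment "Guard against overflow" should say which later computation it protects, since that multiplication is not near this check.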
@@ -323,6 +329,9 @@ virKeepAliveTimeout(virKeepAlivePtr ka)
         timeout = ka->interval - (time(NULL) - ka->intervalStart);
         if (timeout < 0)
             timeout = 0;
+        /* Guard against overflow */
+        if (timeout > INT_MAX / 1000)
+            timeout = INT_MAX / 1000;
     }
 
     virObjectUnlock(ka);
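Review bot: with the check added in virKeepAliveStart(), ka->interval can no longer exceed INT_MAX / 1000, so the clamp `if (timeout > INT_MAX / 1000)` in virKeepAliveTimeout() can only fire when `time(NULL) - ka->intervalStart` is negative, that is, when the clock has stepped backwards since intervalStart was recorded. The comment should say so, otherwise the clamp reads as dead code next to the first hunk. The clamp also runs only after the subtraction has been stored in timeout. The declaration of timeout is not in this context, but if it is narrower than the time_t expression on the right-hand side, the value may already be truncated before the guard sees it. Doing the subtraction in a wide type and clamping before assigning to timeout would close that gap.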
-- 
1.7.11.7



