loader: check get_image_size() return value

since a negative value means it errored.

hw/core/loader.c:149:9: warning: Loss of sign in implicit conversion
    if (size > max_sz) {
        ^~~~
hw/core/loader.c:171:9: warning: Loss of sign in implicit conversion
    if (size > memory_region_size(mr)) {
        ^~~~

Reported-by: Clang Static Analyzer
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
diff --git a/hw/core/loader.c b/hw/core/loader.c
index e5e8cbb..ebe574c 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -146,7 +146,7 @@
int size;
size = get_image_size(filename);
- if (size > max_sz) {
+ if (size < 0 || size > max_sz) {
return -1;
}
if (size > 0) {
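Review bot: the `size > max_sz` half of the new condition still compares the signed `int size` against `max_sz` through the implicit conversion the analyzer flagged, and it is only correct because `size < 0` is evaluated first and short-circuits. A short comment on that line saying the order matters, or an explicit cast of `size` to the type of `max_sz` after the negative check, would make the intent visible and keep a later reordering of the two tests from silently bringing back the case where a negative error code passes the bound check.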
@@ -168,7 +168,7 @@
size = get_image_size(filename);
- if (size > memory_region_size(mr)) {
+ if (size < 0 || size > memory_region_size(mr)) {
return -1;
}
if (size > 0) {
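Review bot: the `return -1` under the changed condition now covers two different failures, get_image_size() reporting an error and the image being larger than `memory_region_size(mr)`, and the caller cannot tell which one occurred. If the distinction matters for the message shown to the user, consider splitting the test into two branches. The identical `size < 0 || size > ...` pattern also appears in the previous hunk, so a small shared helper that validates the size against a limit would keep the two call sites from drifting apart.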