diff options
| author | Peter Maydell <peter.maydell@linaro.org> | 2014-11-17 17:22:03 +0000 |
|---|---|---|
| committer | Peter Maydell <peter.maydell@linaro.org> | 2014-11-17 17:22:03 +0000 |
| commit | 1aba4be97eb01b650d146c7f01dc961d55da62ab (patch) | |
| tree | 76a1ef0b1c33fdc3014036fa9de5c4c4300773d6 /hw/core/loader.c | |
| parent | d8edf52a51846286ecdbe8370b5111655618e849 (diff) | |
| parent | a9be76576e375a994bbcea0a5eb2a3852969de0e (diff) | |
| download | hqemu-1aba4be97eb01b650d146c7f01dc961d55da62ab.zip hqemu-1aba4be97eb01b650d146c7f01dc961d55da62ab.tar.gz | |
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
A smattering of fixes for problems that Coverity reported.
# gpg: Signature made Mon 17 Nov 2014 17:03:25 GMT using RSA key ID 78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* remotes/bonzini/tags/for-upstream:
hcd-musb: fix dereference null return value
target-cris/translate.c: fix out of bounds read
shpc: fix error propaagation
qemu-char: fix MISSING_COMMA
acl: fix memory leak
nvme: remove superfluous check
loader: fix NEGATIVE_RETURNS
qga: fix false negative argument passing
mips_mipssim: fix use-after-free for filename
l2tpv3: fix fd leak
l2tpv3: fix possible double free
libcacard: fix resource leak
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'hw/core/loader.c')
| -rw-r--r-- | hw/core/loader.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/hw/core/loader.c b/hw/core/loader.c index bbe6eb3..fc15535 100644 --- a/hw/core/loader.c +++ b/hw/core/loader.c @@ -80,6 +80,13 @@ int load_image(const char *filename, uint8_t *addr) if (fd < 0) return -1; size = lseek(fd, 0, SEEK_END); + if (size == -1) { + fprintf(stderr, "file %-20s: get size error: %s\n", + filename, strerror(errno)); + close(fd); + return -1; + } + lseek(fd, 0, SEEK_SET); if (read(fd, addr, size) != size) { close(fd); @@ -748,6 +755,12 @@ int rom_add_file(const char *file, const char *fw_dir, } rom->addr = addr; rom->romsize = lseek(fd, 0, SEEK_END); + if (rom->romsize == -1) { + fprintf(stderr, "rom: file %-20s: get size error: %s\n", + rom->name, strerror(errno)); + goto err; + } + rom->datasize = rom->romsize; rom->data = g_malloc0(rom->datasize); lseek(fd, 0, SEEK_SET); |
