[Qemu-devel] [PATCH for-2.5] bt: avoid unintended sign extension

Paolo Bonzini Fri, 27 Nov 2015 04:09:47 -0800

In the case of a 4-byte length, shifting a value by 24 may cause
an unintended sign extension when converting from int to size_t.
Use a uint32_t variable instead.


Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
---
 hw/bt/sdp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/bt/sdp.c b/hw/bt/sdp.c
index b9bcdcc..04eaeca 100644
--- a/hw/bt/sdp.c
+++ b/hw/bt/sdp.c
@@ -42,7 +42,7 @@ struct bt_l2cap_sdp_state_s {
 
 static ssize_t sdp_datalen(const uint8_t **element, ssize_t *left)
 {
-    size_t len = *(*element) ++ & SDP_DSIZE_MASK;
+    uint32_t len = *(*element) ++ & SDP_DSIZE_MASK;
 
     if (!*left)
         return -1;
-- 
2.5.0

[Qemu-devel] [PATCH for-2.5] bt: avoid unintended sign extension

Reply via email to