From ba56e4cad41ea2b2fb68d18a632ebc7d4e4b1051 Mon Sep 17 00:00:00 2001 From: Peter Maydell Date: Mon, 9 Jan 2017 16:45:09 +0000 Subject: hw/display/framebuffer.c: Avoid overflow for framebuffers > 4GB Coverity points out that calculating src_len by multiplying src_width by rows could overflow. This can only happen in the implausible case of a framebuffer larger than 4GB, but we may as well fix it, placating Coverity. (CID1005515) Signed-off-by: Peter Maydell Signed-off-by: Michael Tokarev --- hw/display/framebuffer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'hw/display/framebuffer.c') diff --git a/hw/display/framebuffer.c b/hw/display/framebuffer.c index df51358e72..25aa46c8c7 100644 --- a/hw/display/framebuffer.c +++ b/hw/display/framebuffer.c @@ -78,7 +78,7 @@ void framebuffer_update_display( i = *first_row; *first_row = -1; - src_len = src_width * rows; + src_len = (hwaddr)src_width * rows; mem = mem_section->mr; if (!mem) { -- cgit v1.2.3