From 6ff3e650124b167b04cc4fd20ab0e8e3cf859db1 Mon Sep 17 00:00:00 2001
From: Peter Krempa <pkrempa@redhat.com>
Date: Fri, 16 Sep 2016 15:51:14 +0200
Subject: [PATCH] qemu: process: Enforce 'vcpu' order range to <1,maxvcpus>

The current code that validates duplicate vcpu order would not work
properly if the order would exceed def->maxvcpus. Limit the order to the
interval described.
---
 src/qemu/qemu_process.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 3b6e07811d..31c8453173 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -4811,10 +4811,14 @@ qemuProcessValidateHotpluggableVcpus(virDomainDefPtr def)
                 goto cleanup;
             }
 
-            ignore_value(virBitmapSetBit(ordermap, vcpu->order));
+            if (virBitmapSetBit(ordermap, vcpu->order)) {
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                               _("vcpu order '%u' exceeds vcpu count"),
+                               vcpu->order);
+                goto cleanup;
+            }
         }
 
-
         for (j = i + 1; j < (i + vcpupriv->vcpus); j++) {
             subvcpu = virDomainDefGetVcpu(def, j);
             if (subvcpu->hotpluggable != vcpu->hotpluggable ||