725e14e91f
Happily passes (size_t)-1 to rom_add_blob_fixed(), which promptly dies attempting to malloc that much. Spotted by Coverity. Bonus fix for ROMs larger than INT_MAX bytes: return ssize_t instead of int. Bug can't bite, because the only user load_aout() limits ROM size to an int value. Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
1.9 KiB
1.9 KiB