Coverity points out that calculating src_len by multiplying
src_width by rows could overflow. This can only happen in
the implausible case of a framebuffer larger than 4GB, but
we may as well fix it, placating Coverity. (CID1005515)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
i = *first_row;
*first_row = -1;
- src_len = src_width * rows;
+ src_len = (hwaddr)src_width * rows;
mem = mem_section->mr;
if (!mem) {