Message ID | 20240605134054.2626953-16-jmarchan@redhat.com (mailing list archive) |
---|---|
State | Superseded |
Series | trace-cmd: fix misc issues found by static analysis |
Note the subject has a typo "lssek". On Wed, 5 Jun 2024 15:40:30 +0200 "Jerome Marchand" <jmarchan@redhat.com> wrote: > Check that do_lseek doesn't fail before calling malloc() with a -1 > argument. > > This is flagged as an overrun error (CWE-119) by static analysis > because of the call to read() later, but I don't imagine that malloc > would succeed. > > Signed-off-by: Jerome Marchand <jmarchan@redhat.com> > --- > lib/trace-cmd/trace-output.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/lib/trace-cmd/trace-output.c b/lib/trace-cmd/trace-output.c > index 5ba0a145..35904620 100644 > --- a/lib/trace-cmd/trace-output.c > +++ b/lib/trace-cmd/trace-output.c > @@ -2069,6 +2069,8 @@ __hidden void *trace_get_options(struct tracecmd_output *handle, size_t *len) > } > > offset = do_lseek(&out_handle, 0, SEEK_CUR); > + if(offset == (off_t)-1) Nit, the above has whitespace issues: if (offset == (off_t)-1) Could you resend this? Thanks, -- Steve > + goto out; > buf = malloc(offset); > if (!buf) > goto out;
On 17/07/2024 23:10, Steven Rostedt wrote: > > Note the subject has a typo "lssek". > > > On Wed, 5 Jun 2024 15:40:30 +0200 > "Jerome Marchand" <jmarchan@redhat.com> wrote: > >> Check that do_lseek doesn't fail before calling malloc() with a -1 >> argument. >> >> This is flagged as an overrun error (CWE-119) by static analysis >> because of the call to read() later, but I don't imagine that malloc >> would succeed. >> >> Signed-off-by: Jerome Marchand <jmarchan@redhat.com> >> --- >> lib/trace-cmd/trace-output.c | 2 ++ >> 1 file changed, 2 insertions(+) >> >> diff --git a/lib/trace-cmd/trace-output.c b/lib/trace-cmd/trace-output.c >> index 5ba0a145..35904620 100644 >> --- a/lib/trace-cmd/trace-output.c >> +++ b/lib/trace-cmd/trace-output.c >> @@ -2069,6 +2069,8 @@ __hidden void *trace_get_options(struct tracecmd_output *handle, size_t *len) >> } >> >> offset = do_lseek(&out_handle, 0, SEEK_CUR); >> + if(offset == (off_t)-1) > > Nit, the above has whitespace issues: > > if (offset == (off_t)-1) > > Could you resend this? Will do. Jerome > > Thanks, > > -- Steve > >> + goto out; >> buf = malloc(offset); >> if (!buf) >> goto out; >
diff --git a/lib/trace-cmd/trace-output.c b/lib/trace-cmd/trace-output.c index 5ba0a145..35904620 100644 --- a/lib/trace-cmd/trace-output.c +++ b/lib/trace-cmd/trace-output.c @@ -2069,6 +2069,8 @@ __hidden void *trace_get_options(struct tracecmd_output *handle, size_t *len) } offset = do_lseek(&out_handle, 0, SEEK_CUR); + if(offset == (off_t)-1) + goto out; buf = malloc(offset); if (!buf) goto out;
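Review bot: the added test in trace_get_options() compares offset only against (off_t)-1, so any other negative value returned by do_lseek() would still reach malloc(offset) and be converted to a very large size_t; testing offset < 0 would cover the sentinel and every other negative value in one comparison. The body of do_lseek() is not visible in this hunk, so if it can only return -1 on failure the current test is sufficient, but the broader check costs nothing. The new failure path also jumps to the same out label as the malloc() failure just below it, so a caller cannot tell a seek error from an allocation error; a warning at this point would make the two distinguishable. The spacing in "if(" was already raised in the thread.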
Check that do_lseek doesn't fail before calling malloc() with a -1
argument.

This is flagged as an overrun error (CWE-119) by static analysis
because of the call to read() later, but I don't imagine that malloc
would succeed.

Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
---
 lib/trace-cmd/trace-output.c | 2 ++
 1 file changed, 2 insertions(+)