mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-06 13:17:44 +03:00

udev-builtin-usb_id: Check full range of size returned by read()

This shouldn't be necessary, since read() should never return a size
larger than the size of the buffer passed in, but Coverity doesn't seem
to understand that.

We could possibly fix this with a model file for Coverity, but given
changing the code is not that much of a biggie, let's just do that
instead.

Fixes CID 996458: Overflowed or truncated value (or a value computed
from an overflowed or truncated value) `pos` used as array index.

Tested: `ninja -C build/ test`, builds without warnings, test cases pass.
Filipe Brandenburger 2018-06-07 14:11:51 -07:00 committed by Lennart Poettering
parent fffafb2b5e
commit 9d635f50b8

@ -176,7 +176,7 @@ static int dev_if_packed_info(struct udev_device *dev, char *ifs_str, size_t len
return log_debug_errno(errno, "Error opening USB device 'descriptors' file: %m");
size = read(fd, buf, sizeof(buf));
if (size < 18 || size == sizeof(buf))
if (size < 18 || (size_t) size >= sizeof(buf))
return -EIO;
ifs_str[0] = '\0';
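
Review bot: the combined check after `size = read(fd, buf, sizeof(buf));` sends a failed read() (negative `size`) down the same bare `return -EIO` as a short or buffer-filling file, so errno is dropped and nothing is logged, unlike the open failure just above, which goes through `log_debug_errno(errno, ...)`. Consider testing `size < 0` on its own and reporting errno there. Also, the commit message says `>=` exists only to satisfy Coverity; a one-line code comment next to the `(size_t) size >= sizeof(buf)` test saying so would keep someone from later "simplifying" it back to `==`, and would record that the cast relies on `size < 18` having already excluded negative values.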