Actions
Bug #3641
closedcoverity: data directory handling issues
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 5.0
Description
** CID 1460664: (INTEGER_OVERFLOW)
/src/util-conf.c: 77 in ConfigSetDataDirectory()
/src/util-conf.c: 78 in ConfigSetDataDirectory()
________________________________________________________________________________________________________
*** CID 1460664: (INTEGER_OVERFLOW)
/src/util-conf.c: 77 in ConfigSetDataDirectory()
71 if (strlen(name) == 0)
72 return TM_ECODE_OK;
73
74 size_t size = strlen(name) + 1;
75 char tmp[size];
76 strlcpy(tmp, name, size);
>>> CID 1460664: (INTEGER_OVERFLOW)
>>> Overflowed or truncated value (or a value computed from an overflowed or truncated value) "size - 2UL" used as array index.
77 if (tmp[size - 2] == '/')
78 tmp[size - 2] = '\0';
79
80 return ConfSetFinal("default-data-dir", tmp) ? TM_ECODE_OK : TM_ECODE_FAILED;
81 }
82
/src/util-conf.c: 78 in ConfigSetDataDirectory()
72 return TM_ECODE_OK;
73
74 size_t size = strlen(name) + 1;
75 char tmp[size];
76 strlcpy(tmp, name, size);
77 if (tmp[size - 2] == '/')
>>> CID 1460664: (INTEGER_OVERFLOW)
>>> Overflowed or truncated value (or a value computed from an overflowed or truncated value) "size - 2UL" used as array index.
78 tmp[size - 2] = '\0';
79
80 return ConfSetFinal("default-data-dir", tmp) ? TM_ECODE_OK : TM_ECODE_FAILED;
81 }
82
83 const char *ConfigGetDataDirectory()
Updated by Victor Julien over 4 years ago
- Status changed from New to Assigned
- Assignee changed from OISF Dev to Victor Julien
Updated by Victor Julien over 4 years ago
- Status changed from Assigned to In Review
Updated by Victor Julien over 4 years ago
- Status changed from In Review to Closed
- Label Needs backport to 5.0 added
Updated by Jeff Lucovsky over 4 years ago
- Copied to Bug #3672: coverity: data directory handling issues added
Actions