Project

General

Profile

Actions

Bug #3641

closed

coverity: data directory handling issues

Added by Victor Julien over 4 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 5.0

Description

** CID 1460664:    (INTEGER_OVERFLOW)
/src/util-conf.c: 77 in ConfigSetDataDirectory()
/src/util-conf.c: 78 in ConfigSetDataDirectory()

________________________________________________________________________________________________________
*** CID 1460664:    (INTEGER_OVERFLOW)
/src/util-conf.c: 77 in ConfigSetDataDirectory()
71         if (strlen(name) == 0)
72             return TM_ECODE_OK;
73     
74         size_t size = strlen(name) + 1;
75         char tmp[size];
76         strlcpy(tmp, name, size);
>>>     CID 1460664:    (INTEGER_OVERFLOW)
>>>     Overflowed or truncated value (or a value computed from an overflowed or truncated value) "size - 2UL" used as array index.
77         if (tmp[size - 2] == '/')
78             tmp[size - 2] = '\0';
79     
80         return ConfSetFinal("default-data-dir", tmp) ? TM_ECODE_OK : TM_ECODE_FAILED;
81     }
82     
/src/util-conf.c: 78 in ConfigSetDataDirectory()
72             return TM_ECODE_OK;
73     
74         size_t size = strlen(name) + 1;
75         char tmp[size];
76         strlcpy(tmp, name, size);
77         if (tmp[size - 2] == '/')
>>>     CID 1460664:    (INTEGER_OVERFLOW)
>>>     Overflowed or truncated value (or a value computed from an overflowed or truncated value) "size - 2UL" used as array index.
78             tmp[size - 2] = '\0';
79     
80         return ConfSetFinal("default-data-dir", tmp) ? TM_ECODE_OK : TM_ECODE_FAILED;
81     }
82     
83     const char *ConfigGetDataDirectory()

Related issues 1 (0 open1 closed)

Copied to Suricata - Bug #3672: coverity: data directory handling issuesClosedJeff LucovskyActions
Actions

Also available in: Atom PDF