kimcinoo
/
efl
forked from enlightenment/efl
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

eina log - keep coverity happy with potential ptr comparison overflow 

fixes CID 1361220

in theory yes end minus start could be insanely huge or end be very
high in memory thus causing an overflow. this would have to be in the
last few bytes of memory space, so it never going to happen. and the
input from the env var has to be sane anyway as its user controlled.

@fix
This commit is contained in:
Carsten Haitzler 2016-08-06 15:50:17 +09:00
parent 15e34ffe15
commit 20c6bd296b
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/lib/eina/eina_log.c
View File

@ -972,9 +972,12 @@ eina_log_domain_parse_pendings(void)
level = strtol((char *)(end + 1), &tmp, 10);
if (tmp == (end + 1))
goto parse_end;
// If the name of the log is more than 64k it's silly so give up
// as it's pointless and in theory could overflow pointer
if ((end - start) > 0xffff)
break;
// Parse name
p = malloc(sizeof(Eina_Log_Domain_Level_Pending) + end - start + 1);
p = malloc(sizeof(Eina_Log_Domain_Level_Pending) + (end - start) + 1);
if (!p)
break;