Actions
Bug #3641
closedcoverity: data directory handling issues
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 5.0
Description
** CID 1460664: (INTEGER_OVERFLOW) /src/util-conf.c: 77 in ConfigSetDataDirectory() /src/util-conf.c: 78 in ConfigSetDataDirectory() ________________________________________________________________________________________________________ *** CID 1460664: (INTEGER_OVERFLOW) /src/util-conf.c: 77 in ConfigSetDataDirectory() 71 if (strlen(name) == 0) 72 return TM_ECODE_OK; 73 74 size_t size = strlen(name) + 1; 75 char tmp[size]; 76 strlcpy(tmp, name, size); >>> CID 1460664: (INTEGER_OVERFLOW) >>> Overflowed or truncated value (or a value computed from an overflowed or truncated value) "size - 2UL" used as array index. 77 if (tmp[size - 2] == '/') 78 tmp[size - 2] = '\0'; 79 80 return ConfSetFinal("default-data-dir", tmp) ? TM_ECODE_OK : TM_ECODE_FAILED; 81 } 82 /src/util-conf.c: 78 in ConfigSetDataDirectory() 72 return TM_ECODE_OK; 73 74 size_t size = strlen(name) + 1; 75 char tmp[size]; 76 strlcpy(tmp, name, size); 77 if (tmp[size - 2] == '/') >>> CID 1460664: (INTEGER_OVERFLOW) >>> Overflowed or truncated value (or a value computed from an overflowed or truncated value) "size - 2UL" used as array index. 78 tmp[size - 2] = '\0'; 79 80 return ConfSetFinal("default-data-dir", tmp) ? TM_ECODE_OK : TM_ECODE_FAILED; 81 } 82 83 const char *ConfigGetDataDirectory()
Updated by Victor Julien almost 5 years ago
- Status changed from New to Assigned
- Assignee changed from OISF Dev to Victor Julien
Updated by Victor Julien over 4 years ago
- Status changed from Assigned to In Review
Updated by Victor Julien over 4 years ago
- Status changed from In Review to Closed
- Label Needs backport to 5.0 added
Updated by Jeff Lucovsky over 4 years ago
- Copied to Bug #3672: coverity: data directory handling issues added
Actions