| Message ID | 20230110-vv-coverity-fixes-v1-1-c7ee6c76b200@intel.com |
|---|---|
| State | Accepted |
| Commit | 07f8c307e5118df1234cfc0c7dbba08641699a7c |
| Headers | show |
| Series | cxl: misc coverity and typo fixes | expand |
On Tue, Jan 10, 2023 at 04:09:14PM -0700, Vishal Verma wrote: > Static analysis reports that in add_region(), a buffer from pread() > won't have NUL-termination. Hence passing it to strtol subsequently can > be wrong. Manually add the termination after pread() to fix this. > > Fixes: c64cc150a21e ("ndctl: add support in libndctl to provide deep flush") > Cc: Dave Jiang <dave.jiang@intel.com> > Signed-off-by: Vishal Verma <vishal.l.verma@intel.com> > --- > ndctl/lib/libndctl.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/ndctl/lib/libndctl.c b/ndctl/lib/libndctl.c > index f32f704..ddbdd9a 100644 > --- a/ndctl/lib/libndctl.c > +++ b/ndctl/lib/libndctl.c > @@ -2750,6 +2750,8 @@ static void *add_region(void *parent, int id, const char *region_base) > goto out; > } > > + /* pread() doesn't add NUL termination */ > + buf[1] = 0; > perm = strtol(buf, NULL, 0); > if (perm == 0) { > close(region->flush_fd); > This diff is annoying because it didn't include enough to show the pread(). Made me open up file ;) Reviewed-by: Alison Schofield <alison.schofield@intel.com> > -- > 2.39.0 >
diff --git a/ndctl/lib/libndctl.c b/ndctl/lib/libndctl.c index f32f704..ddbdd9a 100644 --- a/ndctl/lib/libndctl.c +++ b/ndctl/lib/libndctl.c @@ -2750,6 +2750,8 @@ static void *add_region(void *parent, int id, const char *region_base) goto out; } + /* pread() doesn't add NUL termination */ + buf[1] = 0; perm = strtol(buf, NULL, 0); if (perm == 0) { close(region->flush_fd);
Static analysis reports that in add_region(), a buffer from pread() won't have NUL-termination. Hence passing it to strtol subsequently can be wrong. Manually add the termination after pread() to fix this. Fixes: c64cc150a21e ("ndctl: add support in libndctl to provide deep flush") Cc: Dave Jiang <dave.jiang@intel.com> Signed-off-by: Vishal Verma <vishal.l.verma@intel.com> --- ndctl/lib/libndctl.c | 2 ++ 1 file changed, 2 insertions(+)