Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:munix9:test
irqbalance
0001-irqbalance-ui-check-if-using-a-negative-in...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-irqbalance-ui-check-if-using-a-negative-index-of-buf.patch of Package irqbalance
From c0cd6149722ca525cf31a363dbe724689bef4d87 Mon Sep 17 00:00:00 2001 From: Tao Liu <ltao@redhat.com> Date: Wed, 13 Mar 2024 14:30:48 +0800 Subject: [PATCH] irqbalance-ui: check if using a negative index of buffer A negative index will be used when recv() fails, which is unexpected for the data buffer. The issue was found by Static Application Security Testing (SAST), which is a potential weakness. This patch will check the negative index before data buffer referencing. Signed-off-by: Tao Liu <ltao@redhat.com> --- ui/irqbalance-ui.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/ui/irqbalance-ui.c b/ui/irqbalance-ui.c index b7f9b62..c26eff6 100644 --- a/ui/irqbalance-ui.c +++ b/ui/irqbalance-ui.c @@ -127,9 +127,13 @@ try_again: char *data = malloc(default_bufsz); int len = recv(socket_fd, data, default_bufsz, MSG_TRUNC); close(socket_fd); - data[len] = '\0'; free(msg->msg_control); free(msg); + if (len < 0) { + free(data); + return NULL; + } + data[len] = '\0'; if (len >= default_bufsz) { /* msg was truncated, increase bufsz and try again */ default_bufsz += 8192; -- 2.40.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor