Skip to content

Commit

Permalink
test/getrandom-fallback.c: Fix 'OVERRUN' found by Covscan.
Browse files Browse the repository at this point in the history 
CWE-119: Out-of-bounds access to a buffer (OVERRUN)

overrun-buffer-arg: Calling memset with buf and buflen is suspicious
because of the very large index, 9223372036854775807.  The index may
be due to a negative parameter being interpreted as unsigned.

Limiting buflen to INT16_MAX is big enough for our purposes.
  • Loading branch information
@besser82
besser82 committed Nov 8, 2022
1 parent bb17218 commit a2dcf74
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions test/getrandom-fallbacks.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ __wrap_getrandom (void *buf, size_t buflen, unsigned int ARG_UNUSED(flags))
}
else
{
buflen = MIN (buflen, SSIZE_MAX);
buflen = MIN (buflen, INT16_MAX);
memset (buf, MOCK_getrandom, buflen);
return (ssize_t)buflen;
}
Expand Down Expand Up @@ -130,7 +130,7 @@ __wrap_syscall(long number, ...)
va_start (ap, number);
void *buf = va_arg (ap, void *);
size_t buflen = va_arg (ap, size_t);
buflen = MIN (buflen, SSIZE_MAX);
buflen = MIN (buflen, INT16_MAX);
va_end (ap);
memset (buf, MOCK_sys_getrandom, buflen);
return (ssize_t)buflen;
Expand Down Expand Up @@ -205,7 +205,7 @@ __wrap_read (int fd, void *buf, size_t count)
}
else
{
count = MIN (count, SSIZE_MAX);
count = MIN (count, INT16_MAX);
memset (buf, MOCK_urandom, count);
return (ssize_t)count;
}
Expand Down

0 comments on commit a2dcf74

Please sign in to comment.