FIX #90: STRING_OVERFLOW in sparc_attrs.c
Commit Message
From: AntonMoryakov <ant.v.moryakov@gmail.com>
first report of the static analyzer:
A string is copied into the buffer 's' of size 577 without checking its length first at sparc_attrs.c:95.
Corrections explained:
Added static_assert to check the size of the name buffer at compile time.
This static_assert will assert that the buffer is large enough to hold all
possible values, without changing the rest of the logic.
Found by RASY JSC
signed-off-by: Anton Moryakov
<ant.v.moryakov@gmail.com>
@@ -32,10 +32,14 @@
#include <string.h>
#include <dwarf.h>
+#include <assert.h>
#define BACKEND sparc_
#include "libebl_CPU.h"
+#define NAME_MAX_SIZE (32 * 17 + 32 + 1) // новый код
+static_assert(NAME_MAX_SIZE == (32 * 17 + 32 + 1), "Buffer size for 'name' is insufficient");
+
bool
sparc_check_object_attribute (Ebl *ebl __attribute__ ((unused)),
const char *vendor, int tag, uint64_t value,
@@ -63,7 +67,7 @@ sparc_check_object_attribute (Ebl *ebl __attribute__ ((unused)),
/* NAME should be big enough to hold any possible comma-separated
list (no repetitions allowed) of attribute names from one of the
arrays above. */
- static char name[32*17+32+1];
+ static char name[NAME_MAX_SIZE];
name[0] = '\0';
if (!strcmp (vendor, "gnu"))