diff options
| author | Bart Van Assche <bvanassche@acm.org> | 2020-05-23 20:39:47 -0700 |
|---|---|---|
| committer | Bart Van Assche <bvanassche@acm.org> | 2020-05-23 20:46:42 -0700 |
| commit | 969b9fbbf4fadbe48eb4d9fea071837d2d3eeb11 (patch) | |
| tree | 8d89252d657dc2608d96f8a6e3ff5bf6832a9cbc /lib/pattern.h | |
| parent | 26f14c3162309115c87ed49fd4082e8cc27545d6 (diff) | |
| download | fio-969b9fbbf4fadbe48eb4d9fea071837d2d3eeb11.tar.gz fio-969b9fbbf4fadbe48eb4d9fea071837d2d3eeb11.tar.bz2 | |
Do not read past the end of fmt_desc[]
Callers of parse_format() pass a size in bytes while the parse_format()
function itself expects a number of elements. Fix this by making the
fmt_desc[] array NULL-terminated. This patch fixes the following Coverity
complaint:
CID 300986 (#1 of 1): Out-of-bounds access (OVERRUN)
overrun-buffer-arg: Overrunning array fmt_desc of 1 24-byte elements by
passing it to a function which accesses it at element index 23 (byte
offset 575) using argument 24U.
Cc: Roman Pen <r.peniaev@gmail.com>
Fixes: 634bd210c17a ("lib/pattern: add set of functions to parse combined pattern input")
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Diffstat (limited to 'lib/pattern.h')
| -rw-r--r-- | lib/pattern.h | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/lib/pattern.h b/lib/pattern.h index 2d655ad0..a6d9d6b4 100644 --- a/lib/pattern.h +++ b/lib/pattern.h @@ -24,7 +24,6 @@ struct pattern_fmt { int parse_and_fill_pattern(const char *in, unsigned int in_len, char *out, unsigned int out_len, const struct pattern_fmt_desc *fmt_desc, - unsigned int fmt_desc_sz, struct pattern_fmt *fmt, unsigned int *fmt_sz_out); |