diff options
| author | Bart Van Assche <bvanassche@acm.org> | 2020-07-02 14:53:09 -0700 |
|---|---|---|
| committer | Bart Van Assche <bvanassche@acm.org> | 2020-07-02 15:27:39 -0700 |
| commit | fd99605cc5f16bc8171233ba6a8f0ab47e57c4f9 (patch) | |
| tree | 3611bd7abb1984177b44418441bb338368be970b /lib | |
| parent | 832a318683374475b4125cfdd5262c9c8cccb22a (diff) | |
| download | fio-fd99605cc5f16bc8171233ba6a8f0ab47e57c4f9.tar.gz fio-fd99605cc5f16bc8171233ba6a8f0ab47e57c4f9.tar.bz2 | |
num2str(): Fix overflow handling
This patch changes the output for the arguments (UINT64_MAX, 4, 1, 0,
N2S_NONE, "18.4") from "18.4(null)" into "18.4".
This patch fixes the following Coverity complaint:
CID 169307 (#1 of 1): Out-of-bounds read (OVERRUN)
27. overrun-local: Overrunning array of 6 8-byte elements at element
index 6 (byte offset 55) by dereferencing pointer unitprefix + post_index.
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/num2str.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/num2str.c b/lib/num2str.c index 923e21d9..7f628d29 100644 --- a/lib/num2str.c +++ b/lib/num2str.c @@ -80,14 +80,14 @@ char *num2str(uint64_t num, int maxlen, int base, int pow2, enum n2s_unit units) post_index++; } + if (post_index >= ARRAY_SIZE(sistr)) + post_index = 0; + /* * If no modulo, then we're done. */ if (modulo == -1U) { done: - if (post_index >= ARRAY_SIZE(sistr)) - post_index = 0; - if (asprintf(&buf, "%llu%s%s", (unsigned long long) num, unitprefix[post_index], unitstr[units]) < 0) buf = NULL; |