render / rpms / libvirt

Forked from rpms/libvirt 11 months ago
Clone
Blob Blame History Raw
From c8e10c7f4644646194bbcb1514bbf110ec7374ad Mon Sep 17 00:00:00 2001
Message-Id: <c8e10c7f4644646194bbcb1514bbf110ec7374ad@dist-git>
From: John Ferlan <jferlan@redhat.com>
Date: Mon, 1 Jul 2019 17:06:11 +0200
Subject: [PATCH] tests: Resolve possible overrun
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Coverity noted that each of the fmemopen called used the strlen value
in order to allocate space, but that neglected space for terminating
null string. So just add 1 to the strlen.

Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
(cherry picked from commit 7eb56dcd9ef4c21f8f4bc5e639dc4dd01e6d572a)

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1689297

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Message-Id: <a0d52bead1b7e31bfa1c1938c7ae19fe0a7605d4.1561993099.git.phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---
 tests/vircgroupmock.c | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/tests/vircgroupmock.c b/tests/vircgroupmock.c
index 51861be38e..bae8304f6c 100644
--- a/tests/vircgroupmock.c
+++ b/tests/vircgroupmock.c
@@ -468,12 +468,13 @@ FILE *fopen(const char *path, const char *mode)
         if (STREQ(mode, "r")) {
             if (allinone)
                 return fmemopen((void *)procmountsallinone,
-                                strlen(procmountsallinone), mode);
+                                strlen(procmountsallinone) + 1, mode);
             else if (logind)
                 return fmemopen((void *)procmountslogind,
-                                strlen(procmountslogind), mode);
+                                strlen(procmountslogind) + 1, mode);
             else
-                return fmemopen((void *)procmounts, strlen(procmounts), mode);
+                return fmemopen((void *)procmounts,
+                                strlen(procmounts) + 1, mode);
         } else {
             errno = EACCES;
             return NULL;
@@ -483,12 +484,13 @@ FILE *fopen(const char *path, const char *mode)
         if (STREQ(mode, "r")) {
             if (allinone)
                 return fmemopen((void *)proccgroupsallinone,
-                                strlen(proccgroupsallinone), mode);
+                                strlen(proccgroupsallinone) + 1, mode);
             else if (logind)
                 return fmemopen((void *)proccgroupslogind,
-                                strlen(proccgroupslogind), mode);
+                                strlen(proccgroupslogind) + 1, mode);
             else
-                return fmemopen((void *)proccgroups, strlen(proccgroups), mode);
+                return fmemopen((void *)proccgroups,
+                                strlen(proccgroups) + 1, mode);
         } else {
             errno = EACCES;
             return NULL;
@@ -498,12 +500,13 @@ FILE *fopen(const char *path, const char *mode)
         if (STREQ(mode, "r")) {
             if (allinone)
                 return fmemopen((void *)procselfcgroupsallinone,
-                                strlen(procselfcgroupsallinone), mode);
+                                strlen(procselfcgroupsallinone) + 1, mode);
             else if (logind)
                 return fmemopen((void *)procselfcgroupslogind,
-                                strlen(procselfcgroupslogind), mode);
+                                strlen(procselfcgroupslogind) + 1, mode);
             else
-                return fmemopen((void *)procselfcgroups, strlen(procselfcgroups), mode);
+                return fmemopen((void *)procselfcgroups,
+                                strlen(procselfcgroups) + 1, mode);
         } else {
             errno = EACCES;
             return NULL;
-- 
2.22.0