Hi, On 2025. 01. 30. 12:04, Anton Moryakov wrote:
Report of the static analyzer: DIVISION_BY_ZERO.EX Variable xatou(...), whose possible value set allows a zero value at xatonum_template.c:118 by calling function 'xatou' at beep.c:90, is used as a denominator at beep.c:90.Corrections explained: Fixed a potential division by zero issue in beep.c. The function xatou(optarg) could return0, leading to an undefined behavior when used as a denominator. Changes: - Added a check to ensure the frequency value is nonzero before division. - If an invalid frequency (0) is provided, the program exits with an error message. This fix prevents crashes and ensures safer execution. Triggers found by static analyzer Svace. Signed-off-by: Anton Moryakov <ant.v.moryakov at gmail.com> --- miscutils/beep.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/miscutils/beep.c b/miscutils/beep.c index 724a666c8..1667757ea 100644 --- a/miscutils/beep.c +++ b/miscutils/beep.c @@ -87,6 +87,9 @@ int beep_main(int argc, char **argv) switch (c) { case 'f': /* TODO: what "-f 0" should do? */ + unsigned freq = xatou(optarg); + if (freq == 0) + bb_error_msg_and_die("frequency cannot be zero"); tickrate_div_freq = (unsigned)CLOCK_TICK_RATE / xatou(optarg);
Why not change this line to use `freq` as well? No point in calling `xatou()` twice...
Bence _______________________________________________ busybox mailing list [email protected] https://lists.busybox.net/mailman/listinfo/busybox
