Report of the static analyzer: An integer underflow may occur in the calculation of `p->lex_inbuf` due to the subtraction `i - 1`. This can happen when `i` is equal to `0`, causing the result to wrap around to `SIZE_MAX`.
Corrections explained: 1. Add a check to ensure `i` is greater than `0` before performing the subtraction. 2. Skip the adjustment of `p->lex_inbuf` if `i` is `0`. This ensures that the code is safe against underflow and behaves correctly in all cases. Triggers found by static analyzer Svace. Signed-off-by: Anton Moryakov <[email protected]> --- miscutils/bc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/miscutils/bc.c b/miscutils/bc.c index 28bc40c8b..a4699497d 100644 --- a/miscutils/bc.c +++ b/miscutils/bc.c @@ -3019,7 +3019,8 @@ static void xc_lex_name(void) bc_vec_string(&p->lex_strnumbuf, i, buf); // Increment the index. We minus 1 because it has already been incremented. - p->lex_inbuf += i - 1; + if(i > 0) + p->lex_inbuf += i - 1; //return BC_STATUS_SUCCESS; } -- 2.30.2 _______________________________________________ busybox mailing list [email protected] https://lists.busybox.net/mailman/listinfo/busybox
