On 06/01/2011 09:14 AM, Jan Friesse wrote: > md->state_var.curlen theoretically could be sizeof(buf) so overflow > could happen. > > Need REALLY proper review. > Signed-off-by: Jan Friesse <[email protected]> > --- > exec/crypto.c | 3 +++ > 1 files changed, 3 insertions(+), 0 deletions(-) > > diff --git a/exec/crypto.c b/exec/crypto.c > index 901797a..5e0e8a6 100644 > --- a/exec/crypto.c > +++ b/exec/crypto.c > @@ -287,6 +287,9 @@ int func_name (hash_state * md, const unsigned char *buf, > unsigned long len) > len -= block_size; > \ > } else { > \ > n = MIN(len, (block_size - md-> state_var .curlen)); > \ > + if (md-> state_var .curlen == sizeof(md-> state_var .buf)) { > \ > + return CRYPT_INVALID_ARG; > \ > + } > \ > memcpy(md-> state_var .buf + md-> state_var.curlen, buf, > (size_t)n); \ > md-> state_var .curlen += n; > \ > buf += n; > \
Not totally understanding how this macro works, we can ignore this coverity error since I'd rather not break something just to fix a warning. _______________________________________________ Openais mailing list [email protected] https://lists.linux-foundation.org/mailman/listinfo/openais
