On Thu 03 Jul 2014 17:45:41 zubin.mit...@gmail.com wrote:
> From: Zubin Mithra <zubin.mit...@gmail.com>
> 
> * file.c (sys_getdents): Add d_reclen check.
> (sys_getdents64): Add d_reclen check.
> 
> Signed-off-by: Zubin Mithra <zubin.mit...@gmail.com>
> ---
>  file.c | 12 ++++++++++--
>  1 file changed, 10 insertions(+), 2 deletions(-)
> 
> diff --git a/file.c b/file.c
> index a92a7dc..d739df6 100644
> --- a/file.c
> +++ b/file.c
> @@ -2041,7 +2041,8 @@ sys_readdir(struct tcb *tcp)
>  int
>  sys_getdents(struct tcb *tcp)
>  {
> -     int i, len, dents = 0;
> +     unsigned int i;
> +     int len, dents = 0;
>       char *buf;
> 
>       if (entering(tcp)) {
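
Review bot: declaring `i` as `unsigned int` while `len` stays `int`, in the declarations at the top of sys_getdents, makes every comparison between the two mixed-sign, with `len` converted to unsigned before the compare. Keep both as `int`, or change both together and note in a comment why `len` cannot be negative by the time it is compared.
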
> @@ -2076,6 +2077,10 @@ sys_getdents(struct tcb *tcp)
>                               i ? " " : "", d->d_ino, d->d_off);
>                       tprintf("d_reclen=%u, d_name=\"%s\", d_type=",
>                               d->d_reclen, d->d_name);
> +                     if (i + d->d_reclen >= len) {
> +                             tprints("}");
> +                             break;
> +                     }
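
Review bot: the added `if (i + d->d_reclen >= len)` test uses `>=`, so a record that ends exactly at `len` is treated as out of bounds even though it lies entirely within the `len` bytes; if `len` is the count of valid bytes in the buffer, `>` is the comparison that matches the intent. The test also sits after the `tprintf` that has already read `d->d_name` and printed `d_type=`, so on the break path the name is dereferenced before the length is validated and the output ends in `d_type=}`. Moving the test ahead of the two `tprintf` calls fixes both.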

you shouldn't compare signed & unsigned values.  i'm not sure this code needs 
to have "i" converted to unsigned considering the top of it makes sure to 
clamp the value of len to [0, 1024*1024].

also, should it be "...}" to indicate that there's something, but we're 
ignoring it ?  maybe not since we already silently clamp the result ...
-mike

_______________________________________________
Strace-devel mailing list
Strace-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/strace-devel