Skip to content

Commit

Permalink
port: fix OVERRUN (CWE-119)
Browse files Browse the repository at this point in the history 
```
shadow-4.15.0/lib/port.c:154:2: alias: Assigning: "port.pt_names" = "ttys". "port.pt_names" now points to element 0 of "ttys" (which consists of 65 8-byte elements).
shadow-4.15.0/lib/port.c:155:2: cond_const: Checking "j < 64" implies that "j" is 64 on the false branch.
shadow-4.15.0/lib/port.c:175:2: overrun-local: Overrunning array of 65 8-byte elements at element index 65 (byte offset 527) by dereferencing pointer "port.pt_names + (j + 1)".
173|           *cp = '\0';
174|           cp++;
175|->         port.pt_names[j + 1] = NULL;
176|
177|           /*
```

Resolves: https://issues.redhat.com/browse/RHEL-35383

Signed-off-by: Iker Pedrosa <[email protected]>
Reviewed-by: Alejandro Colomar <[email protected]>
  • Loading branch information
@ikerexxe @alejandro-colomar
ikerexxe authored and alejandro-colomar committed May 17, 2024
1 parent 0066743 commit 4c16416
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion lib/port.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -168,7 +168,7 @@ static struct port *getportent (void)
}
*cp = '\0';
cp++;
port.pt_names[j + 1] = NULL;
port.pt_names[j] = NULL;

/*
* Get the list of user names. It is the second colon
Expand Down

0 comments on commit 4c16416

Please sign in to comment.