#2292 closed defect (fixed)

msdos_misc.c:1059: array index used before sanity check ?

Reported by: David Binderman Owned by: Gedare Bloom <gedare@…>
Priority: normal Milestone: 4.11
Component: unspecified Version: 4.10
Severity: normal Keywords:
Cc: Blocked By:
Blocking:

Description

[rtems/cpukit/libfs/src/dosfs/msdos_misc.c:1059]: (style) Array index 'chars_in_entry' is used before limits check.

Source code is

for (chars_in_entry = 0;

( entry_string_buf[chars_in_entry] != 0x0000

&& chars_in_entry < MSDOS_LFN_LEN_PER_ENTRY );
++chars_in_entry) {

Attachments (1)

0001-dosfs-avoid-buffer-overread.-closes-2292.patch (990 bytes) - added by Gedare Bloom on Mar 10, 2015 at 1:55:27 PM.
Fix.

Download all attachments as: .zip

Change History (4)

comment:1 Changed on Mar 10, 2015 at 1:55:39 PM by Gedare Bloom

This is a possible out-of-bounds read access. I don't think this is a bug, but I've attached a patch that should quiet your static analyzer.

comment:2 Changed on May 27, 2015 at 3:22:53 PM by Gedare Bloom <gedare@…>

Owner: set to Gedare Bloom <gedare@…>
Resolution: fixed
Status: newclosed

In 92422be16c3f3e835fca9b09e9b15e91714d522b/rtems:

dosfs: avoid buffer-overread. closes #2292.

comment:3 Changed on May 27, 2015 at 3:23:48 PM by Gedare Bloom

Milestone: 4.11.14.11
Note: See TracTickets for help on using tickets.