From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa.local.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.1 From: Aleksei Nikiforov To: devel@lists.altlinux.org Date: Thu, 12 Dec 2019 12:57:14 +0300 Message-Id: <20191212095730.83787-6-darktemplar@altlinux.org> X-Mailer: git-send-email 2.24.1 In-Reply-To: <20191212095730.83787-1-darktemplar@altlinux.org> References: <20191211234857.GB17949@altlinux.org> <20191212095730.83787-1-darktemplar@altlinux.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Cc: Aleksei Nikiforov Subject: [devel] [PATCH for apt v2 05/21] Fix memory access outside of allocated buffer ranges X-BeenThere: devel@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Team development discussions List-Id: ALT Linux Team development discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Dec 2019 09:58:24 -0000 Archived-At: List-Archive: List-Post: Found via cppcheck: [apt/apt-pkg/contrib/configuration.cc:674] -> [apt/apt-pkg/contrib/configuration.cc:675]: (warning) Either the condition 'StackPos<=100' is redundant or the array 'Stack[100]' is accessed at index 100, which is out of bounds. --- apt/apt-pkg/contrib/configuration.cc | 2 +- apt/cmdline/apt-shell.cc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/apt/apt-pkg/contrib/configuration.cc b/apt/apt-pkg/contrib/configuration.cc index 214babc..8c0e5fb 100644 --- a/apt/apt-pkg/contrib/configuration.cc +++ b/apt/apt-pkg/contrib/configuration.cc 
@@ -671,7 +671,7 @@ bool ReadConfigFile(Configuration &Conf, const string &FName,bool AsSectional, // Go down a level if (TermChar == '{') { - if (StackPos <= 100) + if (StackPos < sizeof(Stack)/sizeof(*Stack)) Stack[StackPos++] = ParentTag; /* Make sectional tags incorperate the section into the diff --git a/apt/cmdline/apt-shell.cc b/apt/cmdline/apt-shell.cc index d192783..7b033da 100644 --- a/apt/cmdline/apt-shell.cc +++ b/apt/cmdline/apt-shell.cc @@ -4088,7 +4088,7 @@ int main(int argc,const char *argv[]) // *q = buffer checker, copying valid stuff to *p while (*q != 0) { - if (largc > sizeof(largv)/sizeof(*largv)) + if (largc >= sizeof(largv)/sizeof(*largv)) { _error->Error(_("Exceeded maximum number of command arguments")); break; -- 2.24.1
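Review bot: In the configuration.cc hunk (ReadConfigFile, the `TermChar == '{'` branch), the corrected guard `if (StackPos < sizeof(Stack)/sizeof(*Stack))` still skips the push silently when the stack is full. The visible lines show no else branch, so ParentTag is simply not saved for a block nested deeper than the array allows, and no diagnostic is raised. Consider reporting an error there, as the apt-shell.cc hunk does with `_error->Error(...)`, instead of continuing. The declaration of StackPos is not visible in this hunk; if it is a signed int, the comparison against the size_t produced by sizeof is a signed/unsigned compare and may warn under -Wsign-compare, which an unsigned StackPos would avoid.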
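Review bot: The apt-shell.cc hunk (main(), the `while (*q != 0)` loop) is not documented in the commit message, which quotes only the cppcheck warning for configuration.cc:674-675. With the old `largc > sizeof(largv)/sizeof(*largv)` test, a largc equal to the element count of largv passed the check, so this is a separate off-by-one and deserves its own sentence in the log. It would also help to give the element count a name (a constant or a small array-size helper) rather than repeating `sizeof(x)/sizeof(*x)` in both files, so the bound and the array cannot drift apart.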