[PATCH] GcovData.cc: Fix out-of-bounds access errors

Gedare Bloom gedare at rtems.org
Thu Aug 12 17:38:53 UTC 2021


On Thu, Aug 12, 2021 at 7:54 AM Ryan Long <ryan.long at oarcorp.com> wrote:
>
> Would you need to check if length < sizeof(gcov_preamble) since length is assigned that value?
>
No, but my question is about 'preamble'. If there's a difference
between 'preamble' and 'gcov_preamble', then that should be checked.
If they should be the same, that should be asserted, probably.

> -----Original Message-----
> From: Gedare Bloom <gedare at rtems.org>
> Sent: Wednesday, August 11, 2021 11:13 AM
> To: Ryan Long <ryan.long at oarcorp.com>
> Cc: devel at rtems.org
> Subject: Re: [PATCH] GcovData.cc: Fix out-of-bounds access errors
>
> On Wed, Aug 11, 2021 at 8:06 AM Ryan Long <ryan.long at oarcorp.com> wrote:
> >
> > Adjusted number of bytes to be read
> >
> > CID 1506208: Out-of-bounds access
> > CID 1506209: Out-of-bounds access
> >
> > Closes #4485
> > ---
> >  tester/covoar/GcovData.cc | 6 +++---
> >  1 file changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/tester/covoar/GcovData.cc b/tester/covoar/GcovData.cc
> > index 02e7489..da0cc2a 100644
> > --- a/tester/covoar/GcovData.cc
> > +++ b/tester/covoar/GcovData.cc
> > @@ -129,7 +129,7 @@ namespace Gcov {
> >      preamble.timestamp = gcnoPreamble.timestamp;
> >
> >      //Write preamble
> > -    gcdaFile.write( (char *) &preamble , 4 * sizeof( preamble ) );
> > +    gcdaFile.write( (char *) &preamble , sizeof( preamble ) );
> >      if ( gcdaFile.fail() ) {
> >        std::cerr << "Error while writing gcda preamble to a file "
> >                  << gcdaFileName << std::endl; @@ -402,8 +402,8 @@
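Review bot: The commit message says only "Adjusted number of bytes to be read", but the changed line in this hunk is a write, gcdaFile.write( (char *) &preamble , ... ), so the message should also mention that the gcda preamble write passed four times the object size. Sizing the call with sizeof( preamble ) ties the count to the object actually passed, which is the right bound. Because the struct is written as raw bytes, a static_assert on sizeof( preamble ) next to this call would document the size the file is expected to receive.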
> > namespace Gcov {
> >      int length;
> >
> >      length = sizeof( gcov_preamble );
> > -    gcovFile.read( (char *) &preamble, 4 * sizeof( gcov_preamble ) );
> > -    if ( gcovFile.gcount() != 4 * sizeof( gcov_preamble ) ) {
> > +    gcovFile.read( (char *) &preamble, length );
> Does something ensure that sizeof(preamble) < length?
>
> Regardless, the patch looks like an improvement; go ahead.
>
> > +    if ( gcovFile.gcount() != length ) {
> >        std::cerr << "Error while reading file preamble" << std::endl;
> >        return -1;
> >      }
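Review bot: In the gcovFile.read() call, the byte count comes from sizeof( gcov_preamble ) while the destination is the object preamble, and nothing in the visible lines ties the two sizes together. Taking the count from sizeof( preamble ), as the first hunk does for the write, or adding a static_assert that sizeof( preamble ) == sizeof( gcov_preamble ), would make the bound follow the destination buffer. length is declared int but holds a sizeof result and is compared with gcount(); declaring it std::streamsize would match the type gcount() returns.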
> > --
> > 1.8.3.1
> >
> > _______________________________________________
> > devel mailing list
> > devel at rtems.org
> > http://lists.rtems.org/mailman/listinfo/devel
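
The size question raised in this thread, as an added example that is not part of the original messages or of covoar: the read length is derived from the destination object and the expected size is pinned at compile time. The names demo_preamble, readExact and loadPreamble are hypothetical, and the 12-byte layout is an assumption, since the real gcov_preamble definition is not shown here.

```cpp
#include <cstdint>
#include <istream>
#include <sstream>
#include <string>
#include <type_traits>

// Hypothetical header layout (assumption; not the covoar definition).
struct demo_preamble {
  std::uint32_t magic;
  std::uint32_t version;
  std::uint32_t timestamp;
};

// Pin the size at compile time so a layout change cannot silently
// alter the number of bytes read or written.
static_assert( sizeof( demo_preamble ) == 12, "unexpected preamble size" );

// Read exactly sizeof( T ) bytes into dest. The count is taken from the
// destination object itself, so it can never exceed the buffer.
template <typename T>
bool readExact( std::istream& in, T& dest )
{
  static_assert( std::is_trivially_copyable<T>::value,
                 "raw read needs a trivially copyable type" );
  in.read( reinterpret_cast<char*>( &dest ), sizeof( dest ) );
  return in.gcount() == static_cast<std::streamsize>( sizeof( dest ) );
}

// Returns 0 on success and -1 on a short read, like the error path in the patch.
int loadPreamble( const std::string& bytes, demo_preamble& out )
{
  std::istringstream in( bytes, std::ios::binary );
  return readExact( in, out ) ? 0 : -1;
}

int main()
{
  demo_preamble p{};
  std::string full( 12, '\x01' );      // constructed input: complete preamble
  std::string truncated( 8, '\x01' );  // constructed input: truncated file
  bool ok = loadPreamble( full, p ) == 0 && loadPreamble( truncated, p ) == -1;
  return ok ? 0 : 1;
}
```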

