'i' is unsigned, so this code is wrong if ext is long enough:
i = strlen(argv[0]) - strlen(ext);
if (i > 0 && !strcmp(argv[0] + i, ext)) { ... }
Make it signed.
The semantic patch that finds this problem (many false-positive results):
(http://coccinelle.lip6.fr/)
// <smpl>
@ r1 @
identifier f;
@@
int f(...) { ... }
@@
identifier r1.f;
type T;
unsigned T x;
@@
*x = f(...)
...
*x > 0
Signed-off-by: Kulikov Vasiliy <segooon@xxxxxxxxx>
---
tools/perf/perf.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/tools/perf/perf.c b/tools/perf/perf.c
index cdd6c03..cfb857f 100644
--- a/tools/perf/perf.c
+++ b/tools/perf/perf.c
@@ -332,7 +332,7 @@ static void handle_internal_command(int argc, const char **argv)
{ "test", cmd_test, 0 },
{ "inject", cmd_inject, 0 },
};
- unsigned int i;
+ int i;
static const char ext[] = STRIP_EXTENSION;
if (sizeof(ext) > 1) {
--
1.7.0.4
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
