On 17/07/2024 23:10, Steven Rostedt wrote:
Note the subject has a typo "lssek". On Wed, 5 Jun 2024 15:40:30 +0200 "Jerome Marchand" <jmarchan@xxxxxxxxxx> wrote:Check that do_lseek doesn't fail before calling malloc() with a -1 argument. This is flagged as an overrun error (CWE-119) by static anaysis because of the call to read() later, but I don't imagine that malloc would succeed. Signed-off-by: Jerome Marchand <jmarchan@xxxxxxxxxx> --- lib/trace-cmd/trace-output.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/trace-cmd/trace-output.c b/lib/trace-cmd/trace-output.c index 5ba0a145..35904620 100644 --- a/lib/trace-cmd/trace-output.c +++ b/lib/trace-cmd/trace-output.c @@ -2069,6 +2069,8 @@ __hidden void *trace_get_options(struct tracecmd_output *handle, size_t *len) }offset = do_lseek(&out_handle, 0, SEEK_CUR);+ if(offset == (off_t)-1)Nit, the above has whitespace issues: if (offset == (off_t)-1) Could you resend this?
Will do. Jerome
Thanks, -- Steve+ goto out; buf = malloc(offset); if (!buf) goto out;
|