diff options
author | Alan Coopersmith <alan.coopersmith@oracle.com> | 2024-02-03 11:22:53 -0800 |
---|---|---|
committer | Alan Coopersmith <alan.coopersmith@oracle.com> | 2024-02-03 12:13:07 -0800 |
commit | 43da1a3b78fbe0afc5db4a89fa8f72d3b5f7b91a (patch) | |
tree | d8ad5ab4d8eaf343c4ed1902ef633ee71dd66368 | |
parent | 16ace290b2e6d261db21b60bf6ab7c074b112569 (diff) |
Silence -Wanalyzer-out-of-bounds warnings from gcc 13
Analyzer seems not to realize that the last allocated argv entry
should always be set to NULL, causing the || to stop checking argv
entries before getting to any that are not allocated. Raising our
minimum allocation from 4 pointers to 6 soothes it, and costs us
basically nothing.
process.c:1285:26: warning: heap-based buffer over-read [CWE-126] [-Wanalyzer-out-of-bounds]
1285 | !argv[3] || !argv[4] || !argv[5])
| ~~~~^~~
[...]
process.c:1285:26: note: read of 8 bytes from after the end of the region
1285 | !argv[3] || !argv[4] || !argv[5])
| ~~~~^~~
process.c:1285:38: warning: heap-based buffer over-read [CWE-126] [-Wanalyzer-out-of-bounds]
1285 | !argv[3] || !argv[4] || !argv[5])
| ~~~~^~~
[...]
process.c:1285:38: note: read of 8 bytes from after the end of the region
1285 | !argv[3] || !argv[4] || !argv[5])
| ~~~~^~~
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
-rw-r--r-- | process.c | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -292,7 +292,7 @@ static char **split_into_words ( /* argvify string */ int cur, total; *argcp = 0; -#define WORDSTOALLOC 4 /* most lines are short */ +#define WORDSTOALLOC 6 /* most lines are short */ argv = (char **) malloc (WORDSTOALLOC * sizeof (char *)); if (!argv) return NULL; cur = 0; |