Re: potential bug in atomicio?

2018-07-17 Thread Reimar Döffinger
On 17 July 2018 14:34:16 CEST, Matt Johnston wrote:
>On Wed, Jul 11, 2018 at 05:26:17PM -0300, Daniel Gutson wrote:
>> Hi,
>>
>>considering this:
>>
>>
>https://github.com/mkj/dropbear/blob/d740dc548924f2faf0934e5f9a4b83d2b5d6902d/atomicio.c#L55
>...
>> What if res is negative less than -1,

Re: potential bug in atomicio?

2018-07-17 Thread Matt Johnston
On Wed, Jul 11, 2018 at 05:26:17PM -0300, Daniel Gutson wrote:
> Hi,
>
>considering this:
>
> https://github.com/mkj/dropbear/blob/d740dc548924f2faf0934e5f9a4b83d2b5d6902d/atomicio.c#L55
...
> What if res is negative less than -1, for example -2 ? Shouldn't be a check
> there that res is > 0

Re: potential bug in atomicio?

2018-07-17 Thread Chris St John
I'm trying to count the number of ways this code snippet would fail a commercial coding standard such as MISRA... ;-) I believe you're right Daniel: res should be bounds checked something like 0 < res < (BUFFER_SIZE-pos) ?? and adding an assert(pos < BUFFER_SIZE) somewhere would be nice too...