On 31/08/2020 18:03, Eric van Gyzen wrote:
> Author: vangyzen
> Date: Mon Aug 31 15:03:23 2020
> New Revision: 364989
> URL: https://svnweb.freebsd.org/changeset/base/364989
>
> Log:
> jedec_dimm: fix array overrun
>
> Coverity detected the overrunning of sc->part_str.
>
> Submitted by: bret_ketc...@dell.com
> Reported by: Coverity
> MFC after: 2 weeks
> Sponsored by: Dell EMC Isilon
> Differential Revision: https://reviews.freebsd.org/D26145
>
> Modified:
> head/sys/dev/jedec_dimm/jedec_dimm.c
>
> Modified: head/sys/dev/jedec_dimm/jedec_dimm.c
> ==============================================================================
> --- head/sys/dev/jedec_dimm/jedec_dimm.c Mon Aug 31 14:47:23 2020
> (r364988)
> +++ head/sys/dev/jedec_dimm/jedec_dimm.c Mon Aug 31 15:03:23 2020
> (r364989)
> @@ -795,7 +795,7 @@ jedec_dimm_field_to_str(struct jedec_dimm_softc *sc, c
>
> /* If we're dealing with ASCII, convert trailing spaces to NULs. */
> if (ascii) {
> - for (i = dstsz; i > 0; i--) {
> + for (i = dstsz - 1; i > 0; i--) {
If 'i' is an index into the array, then shouldn't the condition be
greater-equal?
> if (dst[i] == ' ') {
> dst[i] = 0;
> } else if (dst[i] == 0) {
>
--
Andriy Gapon
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
