From: Christophe CURIS <christophe.cu...@free.fr>
Coverity complain that there can be security issues because the variable
'i' is being modified using untrusted data (coming from a file). This is
probably pessimistic, because in the present case we're talking with the
kernel.
Using the correct signedness for the variable should however keep us safe,
and (I hope) make Coverity happy.
Took opportunity to include an error message in case of read problem
because it can help to debug.
Signed-off-by: Christophe CURIS <christophe.cu...@free.fr>
---
src/event.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/event.c b/src/event.c
index bc590fe..9a8a3e3 100644
--- a/src/event.c
+++ b/src/event.c
@@ -33,6 +33,7 @@
#include <string.h>
#include <strings.h>
#include <time.h>
+#include <errno.h>
#include <X11/Xlib.h>
#include <X11/Xutil.h>
@@ -294,7 +295,8 @@ void DispatchEvent(XEvent * event)
*/
static void handle_inotify_events(void)
{
- ssize_t eventQLength, i = 0;
+ ssize_t eventQLength;
+ size_t i = 0;
/* Make room for at lease 5 simultaneous events, with path + filenames
*/
char buff[ (sizeof(struct inotify_event) + NAME_MAX + 1) * 5 ];
/* Check config only once per read of the event queue */
@@ -310,6 +312,11 @@ static void handle_inotify_events(void)
eventQLength = read(w_global.inotify.fd_event_queue,
buff, sizeof(buff) );
+ if (eventQLength < 0) {
+ wwarning(_("read problem when trying to get INotify event:
%s"), strerror(errno));
+ return;
+ }
+
/* check what events occured */
/* Should really check wd here too, but for now we only have one watch!
*/
while (i < eventQLength) {
--
2.1.1
--
To unsubscribe, send mail to wmaker-dev-unsubscr...@lists.windowmaker.org.
