[PATCH mtd-utils] ffsX-utils: Fix integer overflow in jffs2reader.c
Anton Moryakov
ant.v.moryakov at gmail.com
Tue Dec 17 12:43:17 PST 2024
Report of the static analyzer:
Pointer 'path', returned from function 'xstrdup' at jffs2reader.c:690, may be NULL and is dereferenced at jffs2reader.c:692.
Corrections explained:
After calling xstrdup(p), a path == NULL check has been added. This prevents a possible NULL pointer dereference in the event of a memory allocation error.
Triggers found by static analyzer Svace.
Signed-off-by: Anton Moryakov <ant.v.moryakov at gmail.com>
---
jffsX-utils/jffs2reader.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/jffsX-utils/jffs2reader.c b/jffsX-utils/jffs2reader.c
index 87a2167..f776466 100644
--- a/jffsX-utils/jffs2reader.c
+++ b/jffsX-utils/jffs2reader.c
@@ -694,6 +694,11 @@ static struct jffs2_raw_dirent *resolvepath0(char *o, size_t size, uint32_t ino,
pp = path = xstrdup(p);
+ if(path == NULL){
+ *inos = 0;
+ return NULL;
+ }
+
if (*path == '/') {
path++;
ino = 1;
--
2.30.2
More information about the linux-mtd
mailing list