Merged, thanks!
Jérémie
On Tue, May 17, 2016 at 9:11 AM, Mathieu Desnoyers
<mathieu.desnoyers at efficios.com> wrote:
> Found by Coverity:
>
> CID 1242317 (#1 of 2): Integer overflowed argument (INTEGER_OVERFLOW)25.
> overflow_sink: Overflowed or truncated value (or a value computed from
> an overflowed or truncated value) new_nbmem * 304UL used as critical
> argument to function.
>
> CID 1242317 (#2 of 2): Integer overflowed argument (INTEGER_OVERFLOW)27.
> overflow_sink: Overflowed or truncated value (or a value computed from
> an overflowed or truncated value) (new_nbmem - nbmem) * 304UL used as
> critical argument to function.
>
> Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers at efficios.com>
> ---
> src/bin/lttng-sessiond/syscall.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/bin/lttng-sessiond/syscall.c b/src/bin/lttng-sessiond/syscall.c
> index 02fec15..cbc8cdf 100644
> --- a/src/bin/lttng-sessiond/syscall.c
> +++ b/src/bin/lttng-sessiond/syscall.c
> @@ -82,7 +82,7 @@ int syscall_init_table(void)
>
> /* Double memory size. */
> new_nbmem = max(index, nbmem << 1);
> - if (new_nbmem < nbmem) {
> + if (new_nbmem > SIZE_MAX / sizeof(*new_list)) {
> /* Overflow, stop everything, something went really wrong. */
> ERR("Syscall listing memory size overflow. Stopping");
> free(syscall_table);
> --
> 2.1.4
>
--
Jérémie Galarneau
EfficiOS Inc.
http://www.efficios.com