Opened 10 years ago
Closed 10 years ago
#11748 closed bug (no change required)
CID 20155: Negative array index read
| Reported by: | sli908 | Owned by: | nobody |
|---|---|---|---|
| Priority: | normal | Milestone: | R1 |
| Component: | - General | Version: | R1/Development |
| Keywords: | gci2014 | Cc: | |
| Blocked By: | Blocking: | ||
| Platform: | All |
Description
Added a check on the array index variable to prevent accessing a negative index
Attachments (1)
Change History (4)
by , 10 years ago
| Attachment: | 0001-CID-20155-Negative-array-index-read-Added-negative-i.patch added |
|---|
comment:1 by , 10 years ago
| patch: | 0 → 1 |
|---|
comment:2 by , 10 years ago
This fix is wrong. cnt can't be negative (it is initialized to 0 and then incremented only). Apparently the useless condition in the return statement confuses coverity, and this statement should be fixed.
Since this code is actually from gawk/libintl, it would be easier to look at a current version of that and see if the code was already fixed there.
comment:3 by , 10 years ago
| Resolution: | → no change required |
|---|---|
| Status: | new → closed |
Whether the patch is correct or not, I think we probably won't be applying it to our in-tree gawk code since it's 3rd party (I'm surprised we haven't externalized this yet).
Note:
See TracTickets
for help on using tickets.
Patch that adds index check