Opened 10 years ago
Closed 10 years ago
#11748 closed bug (no change required)
CID 20155: Negative array index read
Reported by: | sli908 | Owned by: | nobody |
---|---|---|---|
Priority: | normal | Milestone: | R1 |
Component: | - General | Version: | R1/Development |
Keywords: | gci2014 | Cc: | |
Blocked By: | Blocking: | ||
Platform: | All |
Description
Added a check on the array index variable to prevent accessing a negative index
Attachments (1)
Change History (4)
by , 10 years ago
Attachment: | 0001-CID-20155-Negative-array-index-read-Added-negative-i.patch added |
---|
comment:1 by , 10 years ago
patch: | 0 → 1 |
---|
comment:2 by , 10 years ago
This fix is wrong. cnt can't be negative (it is initialized to 0 and then incremented only). Apparently the useless condition in the return statement confuses coverity, and this statement should be fixed.
Since this code is actually from gawk/libintl, it would be easier to look at a current version of that and see if the code was already fixed there.
comment:3 by , 10 years ago
Resolution: | → no change required |
---|---|
Status: | new → closed |
Whether the patch is correct or not, I think we probably won't be applying it to our in-tree gawk code since it's 3rd party (I'm surprised we haven't externalized this yet).
Patch that adds index check