diff mbox series

lib: fwts_memorymap: fix the unchecked end address for strtoull

Message ID 20250512144921.27555-6-ivan.hu@canonical.com
State Accepted
Headers show
Series lib: fwts_memorymap: fix the unchecked end address for strtoull | expand

Commit Message

Ivan Hu May 12, 2025, 2:49 p.m. UTC 
Buglink: https://bugs.launchpad.net/fwts/+bug/2110011

Got the coverity scan fail below
CID 520642: (#1 of 1): Overflowed constant (INTEGER_OVERFLOW)
4. overflow_const: Expression strtoull(str, NULL, 16) - 1ULL, where
strtoull(str, NULL, 16) is known to be equal to 0, underflows the
type of strtoull(str, NULL, 16) - 1ULL, which is type unsigned long long.

Add checking for the end address.

Signed-off-by: Ivan Hu <ivan.hu@canonical.com>
---
 src/lib/src/fwts_memorymap.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)
diff mbox series

Patch

diff --git a/src/lib/src/fwts_memorymap.c b/src/lib/src/fwts_memorymap.c
index 39ead4db..4c7b6377 100644
--- a/src/lib/src/fwts_memorymap.c
+++ b/src/lib/src/fwts_memorymap.c
@@ -26,6 +26,7 @@ 
 #include <unistd.h>
 #include <stdint.h>
 #include <inttypes.h>
+#include <errno.h>
 
 #include "fwts.h"
 
@@ -184,15 +185,19 @@  static void fwts_memory_map_dmesg_info(void *data, void *private)
 	if ((str = strstr(line,"BIOS-memory_map:")) != NULL) {
 		uint64_t start;
 
+		errno = 0;
 		start = strtoull(str+10, NULL, 16);
+		if (errno != 0)
+			return;
 		str = strstr(line," - ");
 		if (str) {
 			uint64_t end;
-
+			errno = 0;
 			str += 3;
-			end = strtoull(str, NULL, 16) - 1;
-
-			fwts_register_memory_map_line(memory_map_list, start, end, fwts_memory_map_str_to_type(line));
+			end = strtoull(str, NULL, 16);
+			if (errno != 0 || end == 0)
+				return;
+			fwts_register_memory_map_line(memory_map_list, start, end - 1, fwts_memory_map_str_to_type(line));
 		}
 	}
 }