This is the mail archive of the
cygwin-patches
mailing list for the Cygwin project.
[PATCH] Attempt to fix Coverity issues in ssp
- From: Jon Turney <jon dot turney at dronecode dot org dot uk>
- To: cygwin-patches at cygwin dot com
- Cc: Jon Turney <jon dot turney at dronecode dot org dot uk>
- Date: Tue, 15 Mar 2016 13:12:51 +0000
- Subject: [PATCH] Attempt to fix Coverity issues in ssp
- Authentication-results: sourceware.org; auth=none
* ssp.c (lookup_thread_id): Consistently check if tix is a null
pointer.
(run_program): Annotate that STATUS_BREAKPOINT falls-through to
STATUS_SINGLE_STEP case.
(main): Guard against high_pc-low_pc overflow and malloc failure.
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
---
winsup/utils/ssp.c | 23 +++++++++++++++++------
1 file changed, 17 insertions(+), 6 deletions(-)
diff --git a/winsup/utils/ssp.c b/winsup/utils/ssp.c
index c9165f3..0bca544 100644
--- a/winsup/utils/ssp.c
+++ b/winsup/utils/ssp.c
@@ -182,7 +182,10 @@ static HANDLE
lookup_thread_id (DWORD threadId, int *tix)
{
int i;
- *tix = 0;
+
+ if (tix)
+ *tix = 0;
+
for (i=0; i<num_active_threads; i++)
if (active_thread_ids[i] == threadId)
{
@@ -463,6 +466,7 @@ run_program (char *cmdline)
thread_return_address[tix] = rv;
}
set_step_threads (event.dwThreadId, stepping_enabled);
+ /* fall-through */
case STATUS_SINGLE_STEP:
opcode_count++;
pc = (CONTEXT_REG)event.u.Exception.ExceptionRecord.ExceptionAddress;
@@ -854,6 +858,7 @@ main (int argc, char **argv)
int c, i;
int total_pcount = 0, total_scount = 0;
FILE *gmon;
+ ssize_t range;
setbuf (stdout, 0);
@@ -906,14 +911,20 @@ main (int argc, char **argv)
sscanf (argv[optind++], ADDR_SSCANF_FMT, &low_pc);
sscanf (argv[optind++], ADDR_SSCANF_FMT, &high_pc);
- if (low_pc > high_pc-8)
+ range = high_pc - low_pc;
+ if (range <= 0)
{
fprintf (stderr, "Hey, low_pc must be lower than high_pc\n");
exit (1);
}
- hits = (HISTCOUNTER *)malloc (high_pc-low_pc+4);
- memset (hits, 0, high_pc-low_pc+4);
+ hits = (HISTCOUNTER *)malloc (range+4);
+ if (!hits)
+ {
+ fprintf (stderr, "Ouch, malloc failed\n");
+ exit (1);
+ }
+ memset (hits, 0, range+4);
fprintf (stderr, "prun: [" CONTEXT_REG_FMT "," CONTEXT_REG_FMT "] Running '%s'\n",
low_pc, high_pc, argv[optind]);
@@ -922,13 +933,13 @@ main (int argc, char **argv)
hdr.lpc = low_pc;
hdr.hpc = high_pc;
- hdr.ncnt = high_pc-low_pc + sizeof (hdr);
+ hdr.ncnt = range + sizeof (hdr);
hdr.version = GMONVERSION;
hdr.profrate = 100;
gmon = fopen ("gmon.out", "wb");
fwrite (&hdr, 1, sizeof (hdr), gmon);
- fwrite (hits, 1, high_pc-low_pc, gmon);
+ fwrite (hits, 1, range, gmon);
write_call_edges (gmon);
fclose (gmon);
--
2.7.0