projects / platform / upstream / bluez.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a582bc8) | patch
tools: Fix signed integer overflow in btsnoop.c
authorIldar Kamaletdinov <i.kamaletdinov@omp.ru>
Fri, 1 Apr 2022 12:16:44 +0000 (15:16 +0300)
committerAyush Garg <ayush.garg@samsung.com>
Mon, 15 May 2023 09:25:54 +0000 (14:55 +0530)
commit648e6fa1fe2521c554daebfa1613144e5c830ee3
tree8c933aff61967e70b789d46b83b2275ef1a116actree | snapshot
parenta582bc8ff39008b8994e9b1f68417b65cdac6941commit | diff
tools: Fix signed integer overflow in btsnoop.c

If malformed packet is proceed with zero 'size' field we will face with
wrong behaviour of write() call. Value 'toread - 1' gives wrong sign
for value 'written' (-1) in write() call. To prevent this we should
check that 'toread' is not equal to zero.

Found by Linux Verification Center (linuxtesting.org) with the SVACE
static analysis tool.

Signed-off-by: Manika Shrivastava <manika.sh@samsung.com>
Signed-off-by: Ayush Garg <ayush.garg@samsung.com>
tools/btsnoop.c diff | blob | history
Domain: Network & Connectivity / Bluetooth;