diff options
| author | Jon Turney <jon.turney@dronecode.org.uk> | 2016-03-15 12:57:33 +0000 |
|---|---|---|
| committer | Jon Turney <jon.turney@dronecode.org.uk> | 2016-03-15 13:25:57 +0000 |
| commit | e8e379ff1d8c7a018f327f89ff3528213920f56f (patch) | |
| tree | 02a30d0c7e672828eb1fc457e2f378a94e3bb42e | |
| parent | 7176a85cd48d37bc068312ffa79f254305cf4511 (diff) | |
| download | cygnal-e8e379ff1d8c7a018f327f89ff3528213920f56f.tar.gz cygnal-e8e379ff1d8c7a018f327f89ff3528213920f56f.tar.bz2 cygnal-e8e379ff1d8c7a018f327f89ff3528213920f56f.zip | |
Attempt to fix Coverity issues in ssp
* ssp.c (lookup_thread_id): Consistently check if tix is a null
pointer.
(run_program): Annotate that STATUS_BREAKPOINT falls-through to
STATUS_SINGLE_STEP case.
(main): Guard against high_pc-low_pc overflow and malloc failure.
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
| -rw-r--r-- | winsup/utils/ssp.c | 23 |
1 files changed, 17 insertions, 6 deletions
diff --git a/winsup/utils/ssp.c b/winsup/utils/ssp.c index c9165f3dd..0bca5448c 100644 --- a/winsup/utils/ssp.c +++ b/winsup/utils/ssp.c @@ -182,7 +182,10 @@ static HANDLE lookup_thread_id (DWORD threadId, int *tix) { int i; - *tix = 0; + + if (tix) + *tix = 0; + for (i=0; i<num_active_threads; i++) if (active_thread_ids[i] == threadId) { @@ -463,6 +466,7 @@ run_program (char *cmdline) thread_return_address[tix] = rv; } set_step_threads (event.dwThreadId, stepping_enabled); + /* fall-through */ case STATUS_SINGLE_STEP: opcode_count++; pc = (CONTEXT_REG)event.u.Exception.ExceptionRecord.ExceptionAddress; @@ -854,6 +858,7 @@ main (int argc, char **argv) int c, i; int total_pcount = 0, total_scount = 0; FILE *gmon; + ssize_t range; setbuf (stdout, 0); @@ -906,14 +911,20 @@ main (int argc, char **argv) sscanf (argv[optind++], ADDR_SSCANF_FMT, &low_pc); sscanf (argv[optind++], ADDR_SSCANF_FMT, &high_pc); - if (low_pc > high_pc-8) + range = high_pc - low_pc; + if (range <= 0) { fprintf (stderr, "Hey, low_pc must be lower than high_pc\n"); exit (1); } - hits = (HISTCOUNTER *)malloc (high_pc-low_pc+4); - memset (hits, 0, high_pc-low_pc+4); + hits = (HISTCOUNTER *)malloc (range+4); + if (!hits) + { + fprintf (stderr, "Ouch, malloc failed\n"); + exit (1); + } + memset (hits, 0, range+4); fprintf (stderr, "prun: [" CONTEXT_REG_FMT "," CONTEXT_REG_FMT "] Running '%s'\n", low_pc, high_pc, argv[optind]); @@ -922,13 +933,13 @@ main (int argc, char **argv) hdr.lpc = low_pc; hdr.hpc = high_pc; - hdr.ncnt = high_pc-low_pc + sizeof (hdr); + hdr.ncnt = range + sizeof (hdr); hdr.version = GMONVERSION; hdr.profrate = 100; gmon = fopen ("gmon.out", "wb"); fwrite (&hdr, 1, sizeof (hdr), gmon); - fwrite (hits, 1, high_pc-low_pc, gmon); + fwrite (hits, 1, range, gmon); write_call_edges (gmon); fclose (gmon); |