On Fri, 22 Apr 2016 12:41:01 +0200
Michal Kobylinski <michalx.kobylinski at intel.com> wrote:
> Fix issue reported by Coverity.
>
> Coverity ID 13289: Integer overflowed argument: The argument will be too
> small or even negative, likely resulting in unexpected behavior (for
> example, under-allocation in a memory allocation function).
> In rte_cfgfile_load: An integer overflow occurs, with the overflowed
> value used as an argument to a function
>
> Fixes: eaafbad419bf ("cfgfile: library to interpret config files")
>
> Signed-off-by: Michal Kobylinski <michalx.kobylinski at intel.com>
> ---
> lib/librte_cfgfile/rte_cfgfile.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/librte_cfgfile/rte_cfgfile.c
> b/lib/librte_cfgfile/rte_cfgfile.c
> index 75625a2..0a5a279 100644
> --- a/lib/librte_cfgfile/rte_cfgfile.c
> +++ b/lib/librte_cfgfile/rte_cfgfile.c
> @@ -135,7 +135,7 @@ rte_cfgfile_load(const char *filename, int flags)
> goto error1;
> }
> *end = '\0';
> - _strip(&buffer[1], end - &buffer[1]);
> + _strip(&buffer[1], (unsigned)(end - &buffer[1]));
>
The cast doesn't actually fix any potential bug. It just causes the
function to get an signed overflow value.
