mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 01:57:43 +00:00
Code Issues Releases Wiki Activity

parser: fix coverity scan 553075

Browse Source 
coverity is reporting an overrun of the profile_mode_table

217     		if (merge_profile_mode(mode, rhs.mode) == MODE_CONFLICT)
>>>     CID 322989:    (OVERRUN)
>>>     Overrunning array "profile_mode_table" of 6 8-byte elements at element index 6 (byte offset 55) using index "this->mode" (which evaluates to 6).

this is because it is being indexed by the profile_mode enum which can
go up to a 6th entry. The code tests for MODE_CONFLICT before using
the table so it shouldn't trigger a bug today, but play it safe for
the future and also get rid of the coverity scan error by adding a
"conflict" entry to the mode_table.

Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen 2023-08-25 23:49:32 -07:00
parent 96965c3da2
commit ef56e60e06
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
parser/profile.cc
View File

@ -27,7 +27,8 @@ const char *profile_mode_table[] = {
"complain", "complain",
"kill", "kill",
"unconfined", "unconfined",
"prompt" "prompt",
"conflict" /* should not ever be displayed */
}; };
bool deref_profileptr_lt::operator()(Profile * const &lhs, Profile * const &rhs) const bool deref_profileptr_lt::operator()(Profile * const &lhs, Profile * const &rhs) const