[PATCH v3 12/14] selftests/nolibc: prevent out of bounds access in expect_vfprintf

From: Thomas Weißschuh
Date: Thu Aug 03 2023 - 03:29:36 EST


If read() fails and returns -1 (or returns garbage for some other
reason) buf would be accessed out of bounds.
Only use the return value of read() after it has been validated.

Signed-off-by: Thomas Weißschuh <linux@xxxxxxxxxxxxxx>
---
tools/testing/selftests/nolibc/nolibc-test.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/testing/selftests/nolibc/nolibc-test.c b/tools/testing/selftests/nolibc/nolibc-test.c
index 63f09800057d..0145a44af990 100644
--- a/tools/testing/selftests/nolibc/nolibc-test.c
+++ b/tools/testing/selftests/nolibc/nolibc-test.c
@@ -1055,7 +1055,6 @@ static int expect_vfprintf(int llen, int c, const char *expected, const char *fm
lseek(fd, 0, SEEK_SET);

r = read(fd, buf, sizeof(buf) - 1);
- buf[r] = '\0';

fclose(memfile);

@@ -1065,6 +1064,7 @@ static int expect_vfprintf(int llen, int c, const char *expected, const char *fm
return 1;
}

+ buf[r] = '\0';
llen += printf(" \"%s\" = \"%s\"", expected, buf);
ret = strncmp(expected, buf, c);


--
2.41.0