From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <michalx.kobylinski@intel.com>
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
 by dpdk.org (Postfix) with ESMTP id EC0772C4B
 for <dev@dpdk.org>; Fri, 22 Apr 2016 13:11:46 +0200 (CEST)
Received: from fmsmga002.fm.intel.com ([10.253.24.26])
 by fmsmga103.fm.intel.com with ESMTP; 22 Apr 2016 04:11:47 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.24,516,1455004800"; d="scan'208";a="964218220"
Received: from gklab-246-020.igk.intel.com (HELO Sent) ([10.217.246.20])
 by fmsmga002.fm.intel.com with SMTP; 22 Apr 2016 04:11:44 -0700
Received: by Sent (sSMTP sendmail emulation); Fri, 22 Apr 2016 12:41:03 +0200
From: Michal Kobylinski <michalx.kobylinski@intel.com>
To: cristian.dumitrescu@intel.com,
	dev@dpdk.org
Cc: Michal Kobylinski <michalx.kobylinski@intel.com>
Date: Fri, 22 Apr 2016 12:41:01 +0200
Message-Id: <1461321661-30272-1-git-send-email-michalx.kobylinski@intel.com>
X-Mailer: git-send-email 1.9.1
Subject: [dpdk-dev] [PATCH] cfgfile: fix integer overflow
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Apr 2016 11:11:47 -0000

Fix issue reported by Coverity.

Coverity ID 13289: Integer overflowed argument: The argument will be too
small or even negative, likely resulting in unexpected behavior (for
example, under-allocation in a memory allocation function).
In rte_cfgfile_load: An integer overflow occurs, with the overflowed
value used as an argument to a function

Fixes: eaafbad419bf ("cfgfile: library to interpret config files")

Signed-off-by: Michal Kobylinski <michalx.kobylinski@intel.com>
---
 lib/librte_cfgfile/rte_cfgfile.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/librte_cfgfile/rte_cfgfile.c b/lib/librte_cfgfile/rte_cfgfile.c
index 75625a2..0a5a279 100644
--- a/lib/librte_cfgfile/rte_cfgfile.c
+++ b/lib/librte_cfgfile/rte_cfgfile.c
@@ -135,7 +135,7 @@ rte_cfgfile_load(const char *filename, int flags)
 				goto error1;
 			}
 			*end = '\0';
-			_strip(&buffer[1], end - &buffer[1]);
+			_strip(&buffer[1], (unsigned)(end - &buffer[1]));
 
 			/* close off old section and add start new one */
 			if (curr_section >= 0)
-- 
1.9.1