misc-utils: docfdisk.c: validate partition size to prevent arithmetic overflow - mtd-utils.git - A mirror of http://git.infradead.org/mtd-utils.git

diff options

author	Anton Moryakov <ant.v.moryakov@gmail.com>	2025-10-28 13:48:10 +0300
committer	David Oberhollenzer <david.oberhollenzer@sigma-star.at>	2026-04-13 08:42:56 +0200
commit	5f7dd327a813c83f97f4a6128bb82c021ed870d8 (patch)
tree	82ae3b3c6601f734529004e19b06011e7f90cdcc /tests/unittests/sysfs_mock/class/mtd/mtd0
parent	3528028a687820eebe2a94013d6ec3a052b4c20e (diff)

misc-utils: docfdisk.c: validate partition size to prevent arithmetic overflow

report of the static analyzer: Possible integer overflow: right operand is tainted. An integer overflow may occur due to arithmetic operation (addition) between variable 'block' and value { [1, 4294967295] } of 'nblocks[i]', when 'block' is equal to '1' correct explained: Added bounds check before incrementing block counter to ensure that adding nblocks[i] does not exceed totblocks. This prevents potential integer overflow when user-specified partition sizes are too large, which could lead to incorrect partition table layout and device corruption. The validation ensures safe arithmetic by checking block + nblocks[i] <= totblocks using unsigned comparison. Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>

Diffstat (limited to 'tests/unittests/sysfs_mock/class/mtd/mtd0')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: