misc-utils: docfdisk.c: fix potential integer underflow in partition size calculation - mtd-utils.git - A mirror of http://git.infradead.org/mtd-utils.git

diff options

author	Anton Moryakov <ant.v.moryakov@gmail.com>	2025-10-28 01:50:32 +0300
committer	David Oberhollenzer <david.oberhollenzer@sigma-star.at>	2026-04-13 08:42:56 +0200
commit	3528028a687820eebe2a94013d6ec3a052b4c20e (patch)
tree	b6280f7d088f55b1776267e59091503216ebe78c /ubi-utils/src/unubi
parent	a505a2cc56acf493607fdf24cbf129393a0873fa (diff)

misc-utils: docfdisk.c: fix potential integer underflow in partition size calculation

report of the static analyzer: Possible integer underflow: right operand is tainted. An integer underflow may occur due to arithmetic operation (unsigned subtraction) between variables 'totblocks' and 'block', where 'totblocks' is in range { [0, 4294967295] }, and 'block' is tainted { [0, 4294967295] } correct explained: Added validation check before calculating remaining space for partition. The issue occurred when setting the last partition size to 0, which triggers calculation 'totblocks - block'. Without validation, if block >= totblocks, this would result in integer underflow due to unsigned arithmetic, potentially creating a partition with enormous size and leading to device corruption. Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>

Diffstat (limited to 'ubi-utils/src/unubi')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: