Add a coverity-only check to pacify Coverity (CID #1604620)

author James Jones <jejones3141@gmail.com>

Tue, 23 Jul 2024 19:50:19 +0000 (14:50 -0500)

committer Arran Cudbard-Bell <a.cudbardb@freeradius.org>

Tue, 10 Sep 2024 18:30:51 +0000 (12:30 -0600)
author James Jones <jejones3141@gmail.com>
Tue, 23 Jul 2024 19:50:19 +0000 (14:50 -0500)
committer Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Tue, 10 Sep 2024 18:30:51 +0000 (12:30 -0600)
diff --git a/src/listen/control/proto_control_unix.c b/src/listen/control/proto_control_unix.c

index 54f7aceaf0ea7a07f8c772506cf75751b9f7c0b4..0c3acde40a47b3a82baa1f936cd457f9eecb4356 100644 (file)
--- a/src/listen/control/proto_control_unix.c
+++ b/src/listen/control/proto_control_unix.c
@@ -359,6 +359,20 @@ static ssize_t mod_write(fr_listen_t *li, UNUSED void *packet_ctx, UNUSED fr_tim
          */
         if (data_size <= 0) return data_size;
  
+#ifdef __COVERITY__
+       /*
+        *      data_size and written have type size_t, so
+        *      their sum can at least in theory exceed SSIZE_MAX.
+        *      We add this check to placate Coverity.
+        *
+        *      When Coverity examines this function it doesn't have
+        *      the caller context to see that it's honoring needed
+        *      preconditions (buffer_len <=SSIZE_MAX, and the loop
+        *      schema needed to use this function).
+        */
+       if (data_size + written > SSIZE_MAX) return -1;
+#endif
+
         return data_size + written;
  }
author	James Jones <jejones3141@gmail.com>
	Tue, 23 Jul 2024 19:50:19 +0000 (14:50 -0500)
committer	Arran Cudbard-Bell <a.cudbardb@freeradius.org>
	Tue, 10 Sep 2024 18:30:51 +0000 (12:30 -0600)