From: Oliver Kurth <okurth@vmware.com>
Date: Mon, 9 Sep 2019 18:23:49 +0000 (-0700)
Subject: [AppInfo] OVT Coverity fixes.
X-Git-Tag: stable-11.1.0~233
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=24b17d82ce5cef8bedd3f23454de36b1cbb66e4f;p=thirdparty%2Fopen-vm-tools.git

[AppInfo] OVT Coverity fixes.

The return value of Str_Snprintf is not being checked for negative
values and is directly passed to DynBuf_Append which accepts only
positive values. This may cause issues if Str_Snprintf fails. Added
a trivial check.
---

diff --git a/open-vm-tools/services/plugins/appInfo/appInfo.c b/open-vm-tools/services/plugins/appInfo/appInfo.c
index 774ccae9e..8801b68a0 100644
--- a/open-vm-tools/services/plugins/appInfo/appInfo.c
+++ b/open-vm-tools/services/plugins/appInfo/appInfo.c
@@ -228,11 +228,14 @@ AppInfoGatherTask(ToolsAppCtx *ctx,
 
    tstamp = VMTools_GetTimeAsString();
 
-
    len = Str_Snprintf(tmpBuf, sizeof tmpBuf, headerFmt,
                       APP_INFO_VERSION_1,
                       counter,
                       tstamp != NULL ? tstamp : "");
+   if (len <= 0) {
+      g_warning("Insufficient space for the header.\n");
+      goto abort;
+   }
 
    DynBuf_Append(&dynBuffer, tmpBuf, len);