From: Luca Boccassi <luca.boccassi@gmail.com>
Date: Sat, 28 Mar 2026 19:52:09 +0000 (+0000)
Subject: sd-event: add assert to help static analysis trace signal bounds
X-Git-Tag: v261-rc1~691^2~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c8b53fcfd3463679e6475e9b57b61a97dac1a287;p=thirdparty%2Fsystemd.git

sd-event: add assert to help static analysis trace signal bounds

Coverity flags the signal_sources array access as a potential
out-of-bounds read because it cannot trace through the SIGNAL_VALID()
macro to know that ssi_signo < _NSIG. Add an explicit assert after
the runtime check to make the constraint visible to static analyzers.

CID#1548033

Follow-up for 7a64c5f23efbb51fe4f1229c1a8aed6dd858a0a9
---

diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c
index b78cfe86fa4..6867385e92a 100644
--- a/src/libsystemd/sd-event/sd-event.c
+++ b/src/libsystemd/sd-event/sd-event.c
@@ -3807,6 +3807,9 @@ static int process_signal(sd_event *e, struct signal_data *d, uint32_t events, i
                 if (_unlikely_(!SIGNAL_VALID(si.ssi_signo)))
                         return -EIO;
 
+                /* Silence static analyzers */
+                assert(si.ssi_signo < _NSIG);
+
                 if (e->signal_sources)
                         s = e->signal_sources[si.ssi_signo];
                 if (!s)