From: David Goulet Date: Tue, 22 Jan 2013 20:28:36 +0000 (-0500) Subject: Fix: poll max size should be checked during resize X-Git-Tag: v2.2.0-rc1~89 X-Git-Url: https://git.lttng.org./?a=commitdiff_plain;h=ac018a8b4890dcf6f0eb9d4b5dee600269e79b29;p=lttng-tools.git Fix: poll max size should be checked during resize This was detected using cppcheck: [src/common/compat/compat-poll.c:204]: (error) Uninitialized variable: new_size So, the check was always made over an uninitialized variable on the stack. Fortunately, worst case scenario, new_size is set to the maximum allowed or kept untouched. Signed-off-by: David Goulet --- diff --git a/src/common/compat/compat-poll.c b/src/common/compat/compat-poll.c index cff9f44b8..bc79eed0a 100644 --- a/src/common/compat/compat-poll.c +++ b/src/common/compat/compat-poll.c @@ -40,6 +40,11 @@ static int resize_poll_event(struct compat_poll_event_array *array, assert(array); + /* Refuse to resize the array more than the max size. */ + if (new_size > poll_max_size) { + goto error; + } + ptr = realloc(array->events, new_size * sizeof(*ptr)); if (ptr == NULL) { PERROR("realloc epoll add"); @@ -200,11 +205,6 @@ int compat_poll_del(struct lttng_poll_event *events, int fd) /* Ease our life a bit. */ current = &events->current; - /* Safety check on size */ - if (new_size > poll_max_size) { - new_size = poll_max_size; - } - /* Check if we need to shrink it down. */ if ((current->nb_fd << 1UL) <= current->alloc_size && current->nb_fd >= current->init_size) {