[apparmor] [PATCH] parser: Quiet valgrind false positive
Tyler Hicks
tyhicks at canonical.com
Wed Feb 5 18:22:42 UTC 2014
strlen() assumes that it can read an entire word but when a char array
array does not end on a word boundary, it reads past the end of the
array. This results in the following valgrind warning:
Invalid read of size 4
at 0x40A162: yylex() (parser_lex.l:277)
by 0x40FA14: yyparse() (parser_yacc.c:1487)
by 0x40C5B9: process_profile(int, char const*) (parser_main.c:1003)
by 0x404074: main (parser_main.c:1340)
Address 0x578d870 is 16 bytes inside a block of size 18 alloc'd
at 0x4C2A420: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x53E31C9: strdup (strdup.c:42)
by 0x40A145: yylex() (parser_lex.l:276)
by 0x40FA14: yyparse() (parser_yacc.c:1487)
by 0x40C5B9: process_profile(int, char const*) (parser_main.c:1003)
by 0x404074: main (parser_main.c:1340)
This patch quiets the warning by not using strlen(). This can be done
because yyleng already contains the length of string.
Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
---
parser/parser_lex.l | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/parser/parser_lex.l b/parser/parser_lex.l
index 1938297..1b60053 100644
--- a/parser/parser_lex.l
+++ b/parser/parser_lex.l
@@ -273,8 +273,7 @@ LT_EQUAL <=
<INCLUDE>{
(\<([^\> \t\n]+)\>|\"([^\" \t\n]+)\") { /* <filename> */
- char *filename = strdup(yytext);
- filename[strlen(filename) - 1] = '\0';
+ char *filename = strndup(yytext, yyleng - 1);
include_filename(filename + 1, *filename == '<');
free(filename);
yy_pop_state();
--
1.9.rc1
More information about the AppArmor
mailing list