Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add further sanity checking of hdr->error_no (#805)
>>> CID 467267: Insecure data handling (INTEGER_OVERFLOW) >>> The cast of "hdr->error_no" to a signed type could result in a negative number. Indeed, if a client sends a very large ->error_no, this could end up with a negative errno value. This doesn't seem like an issue, but nonetheless tighten up our validation. For some reason Coverity only complained about tran_pipe.c, but the same problem exists in tran_sock.c. Signed-off-by: John Levon <john.levon@nutanix.com>
- Loading branch information