From 056d0f407f395ae493a6752a3bf0213dcfd1da98 Mon Sep 17 00:00:00 2001 From: Mathieu Desnoyers Date: Sat, 18 May 2019 16:25:23 -0400 Subject: [PATCH] Fix: test_bitfield: buffer overrun accesses MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit This issue is due to a type mismatch between union member vs type passed as parameter to the macros as found by Coverity: ** CID 1401409: Memory - corruptions (OVERRUN) /tests/lib/test_bitfield.c: 450 in run_test_signed_write() Issue introduced by commit 0675eb8c07 "Extend test_bitfield coverage" Signed-off-by: Mathieu Desnoyers Change-Id: I14c9d69011b369e5dc8be4305ac8bf32cc86d3dd Reviewed-on: https://review.lttng.org/c/babeltrace/+/1321 CI-Build: Jérémie Galarneau Tested-by: jenkins Reviewed-by: Jérémie Galarneau --- tests/lib/test_bitfield.c | 64 +++++++++++++++++++-------------------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/tests/lib/test_bitfield.c b/tests/lib/test_bitfield.c index 5ba566f6..bc61e118 100644 --- a/tests/lib/test_bitfield.c +++ b/tests/lib/test_bitfield.c @@ -285,32 +285,32 @@ void run_test_unsigned_read(unsigned int src_ui, unsigned long long src_ull) } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.s, unsigned char, s, l, src_ui); - bt_bitfield_read(target.c, unsigned short, s, l, &readval_ui); + bt_bitfield_write(target.c, unsigned char, s, l, src_ui); + bt_bitfield_read(target.s, unsigned short, s, l, &readval_ui); if (check_result(src_ui, readval_ui, target.c, unsigned short, s, l, UNSIGNED_INT_READ_TEST_DESC_FMT_STR)) { return; } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.i, unsigned char, s, l, src_ui); - bt_bitfield_read(target.c, unsigned int, s, l, &readval_ui); + bt_bitfield_write(target.c, unsigned char, s, l, src_ui); + bt_bitfield_read(target.i, unsigned int, s, l, &readval_ui); if (check_result(src_ui, readval_ui, target.c, unsigned int, s, l, UNSIGNED_INT_READ_TEST_DESC_FMT_STR)) { return; } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.l, unsigned char, s, l, src_ui); - bt_bitfield_read(target.c, unsigned long, s, l, &readval_ui); + bt_bitfield_write(target.c, unsigned char, s, l, src_ui); + bt_bitfield_read(target.l, unsigned long, s, l, &readval_ui); if (check_result(src_ui, readval_ui, target.c, unsigned long, s, l, UNSIGNED_INT_READ_TEST_DESC_FMT_STR)) { return; } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.ll, unsigned char, s, l, src_ui); - bt_bitfield_read(target.c, unsigned long long, s, l, &readval_ui); + bt_bitfield_write(target.c, unsigned char, s, l, src_ui); + bt_bitfield_read(target.ll, unsigned long long, s, l, &readval_ui); if (check_result(src_ui, readval_ui, target.c, unsigned long long, s, l, UNSIGNED_INT_READ_TEST_DESC_FMT_STR)) { return; @@ -333,32 +333,32 @@ void run_test_unsigned_read(unsigned int src_ui, unsigned long long src_ull) } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.s, unsigned char, s, l, src_ull); - bt_bitfield_read(target.c, unsigned short, s, l, &readval_ull); + bt_bitfield_write(target.c, unsigned char, s, l, src_ull); + bt_bitfield_read(target.s, unsigned short, s, l, &readval_ull); if (check_result(src_ull, readval_ull, target.c, unsigned short, s, l, UNSIGNED_LONG_LONG_READ_TEST_DESC_FMT_STR)) { return; } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.i, unsigned char, s, l, src_ull); - bt_bitfield_read(target.c, unsigned int, s, l, &readval_ull); + bt_bitfield_write(target.c, unsigned char, s, l, src_ull); + bt_bitfield_read(target.i, unsigned int, s, l, &readval_ull); if (check_result(src_ull, readval_ull, target.c, unsigned int, s, l, UNSIGNED_LONG_LONG_READ_TEST_DESC_FMT_STR)) { return; } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.l, unsigned char, s, l, src_ull); - bt_bitfield_read(target.c, unsigned long, s, l, &readval_ull); + bt_bitfield_write(target.c, unsigned char, s, l, src_ull); + bt_bitfield_read(target.l, unsigned long, s, l, &readval_ull); if (check_result(src_ull, readval_ull, target.c, unsigned long, s, l, UNSIGNED_LONG_LONG_READ_TEST_DESC_FMT_STR)) { return; } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.ll, unsigned char, s, l, src_ull); - bt_bitfield_read(target.c, unsigned long long, s, l, &readval_ull); + bt_bitfield_write(target.c, unsigned char, s, l, src_ull); + bt_bitfield_read(target.ll, unsigned long long, s, l, &readval_ull); if (check_result(src_ull, readval_ull, target.c, unsigned long long, s, l, UNSIGNED_LONG_LONG_READ_TEST_DESC_FMT_STR)) { return; @@ -520,32 +520,32 @@ void run_test_signed_read(int src_i, long long src_ll) } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.s, signed char, s, l, src_i); - bt_bitfield_read(target.c, short, s, l, &readval_i); + bt_bitfield_write(target.c, signed char, s, l, src_i); + bt_bitfield_read(target.s, short, s, l, &readval_i); if (check_result(src_i, readval_i, target.c, short, s, l, SIGNED_INT_READ_TEST_DESC_FMT_STR)) { return; } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.i, signed char, s, l, src_i); - bt_bitfield_read(target.c, int, s, l, &readval_i); + bt_bitfield_write(target.c, signed char, s, l, src_i); + bt_bitfield_read(target.i, int, s, l, &readval_i); if (check_result(src_i, readval_i, target.c, int, s, l, SIGNED_INT_READ_TEST_DESC_FMT_STR)) { return; } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.l, signed char, s, l, src_i); - bt_bitfield_read(target.c, long, s, l, &readval_i); + bt_bitfield_write(target.c, signed char, s, l, src_i); + bt_bitfield_read(target.l, long, s, l, &readval_i); if (check_result(src_i, readval_i, target.c, long, s, l, SIGNED_INT_READ_TEST_DESC_FMT_STR)) { return; } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.ll, signed char, s, l, src_i); - bt_bitfield_read(target.c, long long, s, l, &readval_i); + bt_bitfield_write(target.c, signed char, s, l, src_i); + bt_bitfield_read(target.ll, long long, s, l, &readval_i); if (check_result(src_i, readval_i, target.c, long long, s, l, SIGNED_INT_READ_TEST_DESC_FMT_STR)) { return; @@ -571,32 +571,32 @@ void run_test_signed_read(int src_i, long long src_ll) } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.s, signed char, s, l, src_ll); - bt_bitfield_read(target.c, short, s, l, &readval_ll); + bt_bitfield_write(target.c, signed char, s, l, src_ll); + bt_bitfield_read(target.s, short, s, l, &readval_ll); if (check_result(src_ll, readval_ll, target.c, short, s, l, SIGNED_LONG_LONG_READ_TEST_DESC_FMT_STR)) { return; } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.i, signed char, s, l, src_ll); - bt_bitfield_read(target.c, int, s, l, &readval_ll); + bt_bitfield_write(target.c, signed char, s, l, src_ll); + bt_bitfield_read(target.i, int, s, l, &readval_ll); if (check_result(src_ll, readval_ll, target.c, int, s, l, SIGNED_LONG_LONG_READ_TEST_DESC_FMT_STR)) { return; } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.l, signed char, s, l, src_ll); - bt_bitfield_read(target.c, long, s, l, &readval_ll); + bt_bitfield_write(target.c, signed char, s, l, src_ll); + bt_bitfield_read(target.l, long, s, l, &readval_ll); if (check_result(src_ll, readval_ll, target.c, long, s, l, SIGNED_LONG_LONG_READ_TEST_DESC_FMT_STR)) { return; } init_byte_array(target.c, TEST_LEN, 0xFF); - bt_bitfield_write(target.ll, signed char, s, l, src_ll); - bt_bitfield_read(target.c, long long, s, l, &readval_ll); + bt_bitfield_write(target.c, signed char, s, l, src_ll); + bt_bitfield_read(target.ll, long long, s, l, &readval_ll); if (check_result(src_ll, readval_ll, target.c, long long, s, l, SIGNED_LONG_LONG_READ_TEST_DESC_FMT_STR)) { return; -- 2.34.1