From 2f0eb44da35bee5a0fb62c182ff67fd155aeac25 Mon Sep 17 00:00:00 2001 From: Florian Forster Date: Fri, 18 Dec 2015 09:24:19 +0100 Subject: [PATCH] network plugin: Check range of pkg_numval. This is essentially the same as the check using exp_size a couple lines earlier, but that appears to be too indirect for Coverity to understand. This hopefully fixes the resulting "tainted_data_return" errors. CID: 48420 --- src/network.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/network.c b/src/network.c index 91690006..f44fe621 100644 --- a/src/network.c +++ b/src/network.c @@ -817,6 +817,7 @@ static int parse_part_values (void **ret_buffer, size_t *ret_buffer_len, exp_size, buffer_len); return (-1); } + assert (pkg_numval <= ((buffer_len - 6) / 9)); if (pkg_length != exp_size) { -- 2.11.0