43 lines
1.0 KiB
Diff
43 lines
1.0 KiB
Diff
From f5c35d7d5e064af5ad31d22f900d148d932ad9b1 Mon Sep 17 00:00:00 2001
|
|
From: cgzones <cgzones@googlemail.com>
|
|
Date: Mon, 15 Jan 2024 21:44:04 +0100
|
|
Subject: [PATCH] lib: avoid UB on sequence wrap-around (#347)
|
|
|
|
Signed integer overflow is undefined, allowing compilers to optimize the
|
|
condition `++sequence < 0` away.
|
|
|
|
Reference:https://github.com/linux-audit/audit-userspace/commit/f5c35d7d5e064af5ad31d22f900d148d932ad9b1
|
|
Conflict:NA
|
|
|
|
---
|
|
lib/netlink.c | 5 ++++-
|
|
1 file changed, 4 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/lib/netlink.c b/lib/netlink.c
|
|
index 3381651a..4a6bd54d 100644
|
|
--- a/lib/netlink.c
|
|
+++ b/lib/netlink.c
|
|
@@ -26,6 +26,7 @@
|
|
#include <string.h>
|
|
#include <errno.h>
|
|
#include <fcntl.h>
|
|
+#include <limits.h>
|
|
#include <time.h>
|
|
#include <sys/poll.h>
|
|
#include "libaudit.h"
|
|
@@ -204,8 +205,10 @@ int __audit_send(int fd, int type, const void *data, unsigned int size, int *seq
|
|
return -errno;
|
|
}
|
|
|
|
- if (++sequence < 0)
|
|
+ if (sequence == INT_MAX)
|
|
sequence = 1;
|
|
+ else
|
|
+ sequence++;
|
|
*seq = sequence;
|
|
|
|
memset(&req, 0, sizeof(req));
|
|
--
|
|
2.33.0
|
|
|