diff mbox series

[BlueZ,v2,05/20] client/main: Fix array access

Message ID	20240510121355.3241456-6-hadess@hadess.net
State	Superseded
Headers	show Received: from relay3-d.mail.gandi.net (relay3-d.mail.gandi.net [217.70.183.195]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6535C16FF3B for <linux-bluetooth@vger.kernel.org>; Fri, 10 May 2024 12:14:04 +0000 (UTC) From: Bastien Nocera <hadess@hadess.net> To: linux-bluetooth@vger.kernel.org Cc: Bastien Nocera <hadess@hadess.net> Subject: [BlueZ v2 05/20] client/main: Fix array access Date: Fri, 10 May 2024 14:10:15 +0200 Message-ID: <20240510121355.3241456-6-hadess@hadess.net> In-Reply-To: <20240510121355.3241456-1-hadess@hadess.net> References: <20240510121355.3241456-1-hadess@hadess.net> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	Fix a number of static analysis issues \| expand [BlueZ,v2,00/20] Fix a number of static analysis issues [BlueZ,v2,01/20] adapter: Use false instead of 0 for bool [BlueZ,v2,02/20] attrib/gatt: Guard against possible integer overflow [BlueZ,v2,03/20] client/gatt: Don't pass negative fd on error [BlueZ,v2,04/20] client/gatt: Check write_value() retval [BlueZ,v2,05/20] client/main: Fix array access [BlueZ,v2,06/20] client/main: Fix mismatched free [BlueZ,v2,07/20] monitor/att: Fix memory leak [BlueZ,v2,08/20] bap: Fix memory leaks [BlueZ,v2,09/20] media: Fix memory leak [BlueZ,v2,10/20] main: Fix memory leaks [BlueZ,v2,11/20] isotest: Consider "0" fd to be valid [BlueZ,v2,12/20] isotest: Fix error check after opening file [BlueZ,v2,13/20] client/player: Fix copy/paste error [BlueZ,v2,14/20] shared/vcp: Fix copy/paste error [BlueZ,v2,15/20] isotest: Fix fd leak [BlueZ,v2,16/20] iso-tester: Fix fd leak [BlueZ,v2,17/20] sdp: Fix use of uninitialised memory [BlueZ,v2,18/20] monitor: Work-around memory leak warning [BlueZ,v2,19/20] avrcp: Fix uninitialised memory usage [BlueZ,v2,20/20] main: Simplify variable assignment

Commit Message

Bastien Nocera May 10, 2024, 12:10 p.m. UTC

Error: CPPCHECK_WARNING (CWE-788): [#def36]
bluez-5.75/client/main.c:833: error[ctuArrayIndex]: Array index out of bounds; 'argv' buffer size is 0 and it is accessed at offset 1.
831|	const char **opt;
832|
833|->	if (!strcmp(argv[1], "help")) {
834|		for (opt = arg_table; opt && *opt; opt++)
835|			bt_shell_printf("%s\n", *opt);
---
 client/main.c | 5 +++++
 1 file changed, 5 insertions(+)

diff mbox series

Patch

diff --git a/client/main.c b/client/main.c
index 51d08a67aa1a..f703cc91b24a 100644
--- a/client/main.c
+++ b/client/main.c
@@ -830,6 +830,11 @@  static gboolean parse_argument(int argc, char *argv[], const char **arg_table,
 {
 	const char **opt;
 
+	if (argc < 2) {
+		bt_shell_printf("Missing argument to %s\n", argv[0]);
+		return FALSE;
+	}
+
 	if (!strcmp(argv[1], "help")) {
 		for (opt = arg_table; opt && *opt; opt++)
 			bt_shell_printf("%s\n", *opt);