Commit
Fix the overrun issue reported by static application security testing
The current issue is reported by the SAST (Static Application Security Testing) as below:

Error: OVERRUN:
snappy_unittest.cc:95: return_constant: Function call "sysconf(_SC_PAGESIZE)" may return -1.
snappy_unittest.cc:95: assignment: Assigning: "page_size" = "sysconf(_SC_PAGESIZE)". The value of "page_size" is now 18446744073709551615.
snappy_unittest.cc:97: overrun-buffer-arg: Calling "mprotect" with "this->protected_page_" and "page_size" is suspicious because of the very large index, 18446744073709551615. The index may be due to a negative parameter being interpreted as unsigned.
# 95| const size_t page_size = sysconf(_SC_PAGESIZE);
# 96| // Undo the mprotect.
# 97|-> CHECK_EQ(0, mprotect(protected_page_, page_size, PROT_READ|PROT_WRITE));
# 98| CHECK_EQ(0, munmap(mem_, alloc_size_));
# 99| }

Let's set the page size to 4096 if invoking sysconf(_SC_PAGESIZE) fails; otherwise still use the actual value of sysconf(_SC_PAGESIZE). In addition, also save its value in the constructor function in order to use it again in the deconstructor function, which avoids calling sysconf(_SC_PAGESIZE) twice.

(Did the same changes in snappy_test_tool.cc).

Signed-off-by: Lianbo Jiang <[email protected]>
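An added example, not the snappy code from this commit: a minimal guard-page buffer that validates the sysconf(_SC_PAGESIZE) result once, falls back to 4096 as the commit message describes, and reuses the cached value in the destructor. The names PageSizeFrom and GuardedBuffer are hypothetical.

```cpp
#include <sys/mman.h>
#include <unistd.h>
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <stdexcept>

// sysconf() returns long and -1 on failure; assigning -1 to size_t gives SIZE_MAX.
// The 4096 fallback is the value named in the commit message.
inline size_t PageSizeFrom(long raw) {
  return raw > 0 ? static_cast<size_t>(raw) : static_cast<size_t>(4096);
}

// Hypothetical class (an assumption for this example): data ends at a PROT_NONE page.
class GuardedBuffer {
 public:
  GuardedBuffer(const char* src, size_t len)
      : page_size_(PageSizeFrom(sysconf(_SC_PAGESIZE))), len_(len) {
    size_t data_pages = (len + page_size_ - 1) / page_size_;
    alloc_size_ = (data_pages + 1) * page_size_;  // data pages + one guard page
    mem_ = mmap(nullptr, alloc_size_, PROT_READ | PROT_WRITE,
                MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (mem_ == MAP_FAILED) throw std::runtime_error("mmap failed");
    guard_ = static_cast<char*>(mem_) + data_pages * page_size_;
    data_ = guard_ - len;  // last data byte sits directly before the guard page
    std::memcpy(data_, src, len);
    if (mprotect(guard_, page_size_, PROT_NONE) != 0) {
      munmap(mem_, alloc_size_);
      throw std::runtime_error("mprotect failed");
    }
  }
  ~GuardedBuffer() {
    // Undo the mprotect with the cached, validated size; no second sysconf() call.
    mprotect(guard_, page_size_, PROT_READ | PROT_WRITE);
    munmap(mem_, alloc_size_);
  }
  GuardedBuffer(const GuardedBuffer&) = delete;
  GuardedBuffer& operator=(const GuardedBuffer&) = delete;
  const char* data() const { return data_; }
  size_t size() const { return len_; }
  size_t page_size() const { return page_size_; }

 private:
  size_t page_size_, len_, alloc_size_ = 0;
  void* mem_ = nullptr;
  char* guard_ = nullptr;
  char* data_ = nullptr;
};
```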