diff options
author | Matt McCormick <matt.mccormick@kitware.com> | 2013-10-07 17:10:06 +0000 |
---|---|---|
committer | Matt McCormick <matt.mccormick@kitware.com> | 2013-10-16 10:11:20 +0000 |
commit | 7eddefd8f1375c5c6f2fbe6e0e51f14bdc1f8886 (patch) | |
tree | 5aa1c8fe8a9c8914d1a95c5874fdd8a192c92c79 /Templates | |
parent | 1d9af198a8ea4e9329839c2e1f101106d8bdf505 (diff) | |
download | cmake-7eddefd8f1375c5c6f2fbe6e0e51f14bdc1f8886.tar.gz |
TestDriver.cxx.in: Untrusted array index read.
As reported by Coverity Scan, if the configured file contains a #include,
Untrusted array index read
The array index could be controlled by an attacker, leading to reads outside
the bounds of the array.
In main: Read from array at index computed using an unscrutinized value from
an untrusted source (CWE-129)
CID 1081283 (#1 of 1): Untrusted array index read (TAINTED_SCALAR)
25. tainted_data: Using tainted variable "testToRun" as an index into an array
"cmakeGeneratedFunctionMapEntries".
Diffstat (limited to 'Templates')
-rw-r--r-- | Templates/TestDriver.cxx.in | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/Templates/TestDriver.cxx.in b/Templates/TestDriver.cxx.in index f4510bb557..03916bf74e 100644 --- a/Templates/TestDriver.cxx.in +++ b/Templates/TestDriver.cxx.in @@ -137,6 +137,13 @@ int main(int ac, char *av[]) { int result; @CMAKE_TESTDRIVER_BEFORE_TESTMAIN@ + if (testToRun < 0 || testToRun >= NumTests) + { + printf( + "testToRun was modified by TestDriver code to an invalid value: %3d.\n", + testNum); + return -1; + } result = (*cmakeGeneratedFunctionMapEntries[testToRun].func)(ac, av); @CMAKE_TESTDRIVER_AFTER_TESTMAIN@ return result; |