TestDriver.cxx.in: Untrusted array index read.

As reported by Coverity Scan, if the configured file contains a #include, Untrusted array index read The array index could be controlled by an attacker, leading to reads outside the bounds of the array. In main: Read from array at index computed using an unscrutinized value from an untrusted source (CWE-129) CID 1081283 (#1 of 1): Untrusted array index read (TAINTED_SCALAR) 25. tainted_data: Using tainted variable "testToRun" as an index into an array "cmakeGeneratedFunctionMapEntries".
author: Matt McCormick <matt.mccormick@kitware.com> 2013-10-07 17:10:06 +0000
committer: Matt McCormick <matt.mccormick@kitware.com> 2013-10-16 10:11:20 +0000
commit: 7eddefd8f1375c5c6f2fbe6e0e51f14bdc1f8886 (patch)
tree: 5aa1c8fe8a9c8914d1a95c5874fdd8a192c92c79 /Templates
parent: 1d9af198a8ea4e9329839c2e1f101106d8bdf505 (diff)
download: cmake-7eddefd8f1375c5c6f2fbe6e0e51f14bdc1f8886.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/Templates/TestDriver.cxx.in b/Templates/TestDriver.cxx.in
index f4510bb557..03916bf74e 100644
--- a/Templates/TestDriver.cxx.in
+++ b/Templates/TestDriver.cxx.in
@@ -137,6 +137,13 @@ int main(int ac, char *av[])
     {
     int result;
 @CMAKE_TESTDRIVER_BEFORE_TESTMAIN@
+    if (testToRun < 0 || testToRun >= NumTests)
+      {
+      printf(
+        "testToRun was modified by TestDriver code to an invalid value: %3d.\n",
+        testNum);
+      return -1;
+      }
     result = (*cmakeGeneratedFunctionMapEntries[testToRun].func)(ac, av);
 @CMAKE_TESTDRIVER_AFTER_TESTMAIN@
     return result;
author	Matt McCormick <matt.mccormick@kitware.com>	2013-10-07 17:10:06 +0000
committer	Matt McCormick <matt.mccormick@kitware.com>	2013-10-16 10:11:20 +0000
commit	7eddefd8f1375c5c6f2fbe6e0e51f14bdc1f8886 (patch)
tree	5aa1c8fe8a9c8914d1a95c5874fdd8a192c92c79 /Templates
parent	1d9af198a8ea4e9329839c2e1f101106d8bdf505 (diff)
download	cmake-7eddefd8f1375c5c6f2fbe6e0e51f14bdc1f8886.tar.gz