Uploaded image for project: 'WiredTiger'
  1. WiredTiger
  2. WT-8389

Coverity analysis defect 121099: Untrusted loop bound

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • WT10.0.1, 5.2.0
    • Affects Version/s: None
    • Component/s: None
    • None
    • 2
    • Storage - Ra 2021-11-29

      Untrusted loop bound

      An attacker could control the number of times the loop iterates. An unscrutinized value from an untrusted source used as a loop bound
      /test/format/config.c:1271: TAINTED_SCALAR 121099 Calling function "fgets" taints argument "*buf".
      /test/format/config.c:1272: TAINTED_SCALAR 121099 Assigning: "p" = "t = buf". Both are now tainted.
      /test/format/config.c:1284: TAINTED_SCALAR 121099 Assigning: "t" = "p--". Both are now tainted.

            Assignee:
            keith.bostic@mongodb.com Keith Bostic (Inactive)
            Reporter:
            xgen-internal-coverity Coverity Collector User
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: