Fix: add element length check in lttng_index_file_open

Handle cases where the index file header would contain a corrupted
value.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

diff --git a/src/common/index/index.c b/src/common/index/index.c
index b5591d137c923a97617005f9a85145e09264cba4..b481badb1d6556e2f6f1807264d33e81e6be41b2 100644 (file)
--- a/src/common/index/index.c
+++ b/src/common/index/index.c
@@ -245,6 +245,10 @@ struct lttng_index_file *lttng_index_file_open(const char *path_name,
                ERR("Invalid header version");
                goto error_close;
        }
                ERR("Invalid header version");
                goto error_close;
        }

+       if (element_len > sizeof(struct ctf_packet_index)) {
+               ERR("Index element length too long");
+               goto error_close;
+       }

 
        index_file->fd = read_fd;
        index_file->major = major;
 
        index_file->fd = read_fd;
        index_file->major = major;