Fix: possible out of bounds write in enable-event

In loglevel_str_to_value: Out-of-bounds write to a buffer (CWE-119).

Issue 1019927 of coverity scan.

Signed-off-by: David Goulet <dgoulet@efficios.com>

diff --git a/src/bin/lttng/commands/enable_events.c b/src/bin/lttng/commands/enable_events.c
index 2af85fe476eb74abaf71ea7b456a6ee1723408b1..18793ae095a77cbe8365f09ac0576a06011ea407 100644 (file)
--- a/src/bin/lttng/commands/enable_events.c
+++ b/src/bin/lttng/commands/enable_events.c
@@ -268,7 +268,11 @@ int loglevel_str_to_value(const char *inputstr)
        int i = 0;
        char str[LTTNG_SYMBOL_NAME_LEN];
 
-       while (i < LTTNG_SYMBOL_NAME_LEN && inputstr[i] != '\0') {
+       /*
+        * Loop up to LTTNG_SYMBOL_NAME_LEN minus one because the NULL bytes is
+        * added at the end of the loop so a the upper bound we avoid the overflow.
+        */
+       while (i < (LTTNG_SYMBOL_NAME_LEN - 1) && inputstr[i] != '\0') {
                str[i] = toupper(inputstr[i]);
                i++;
        }