seccomp / libseccomp / 13912735329

89%

main: 89%

push

github

api: fix seccomp_export_bpf_mem out-of-bounds read

*len is the length of the destination buffer, but program->blks is
probably not anywhere near that long.  It's already been checked above
that BPF_PGM_SIZE(program) is less than or equal to *len, so that's
the correct value to use here to avoid either reading or writing too
much.

I noticed this because tests/11-basic-basic_errors started failing on
musl after e797591 ("all: add seccomp_precompute() functionality").

Signed-off-by: Alyssa Ross <hi@alyssa.is>
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
(imported from commit e8dbc6b55)

1 of 1 new or added line in 1 file covered. (100.0%)

2718 of 3012 relevant lines covered (90.24%)

291703.37 hits per line