[Cmake-commits] CMake branch, next, updated. v2.8.12-4087-g819d956

Matt McCormick matt.mccormick at kitware.com
Wed Oct 16 22:55:09 EDT 2013 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "CMake".

The branch, next has been updated
       via  819d956ed877f010b7bb39678484f864f3eda22e (commit)
       via  7eddefd8f1375c5c6f2fbe6e0e51f14bdc1f8886 (commit)
      from  c241975a8215694ed022a4746d4f955add519811 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://cmake.org/gitweb?p=cmake.git;a=commitdiff;h=819d956ed877f010b7bb39678484f864f3eda22e
commit 819d956ed877f010b7bb39678484f864f3eda22e
Merge: c241975 7eddefd
Author:     Matt McCormick <matt.mccormick at kitware.com>
AuthorDate: Wed Oct 16 22:55:08 2013 -0400
Commit:     CMake Topic Stage <kwrobot at kitware.com>
CommitDate: Wed Oct 16 22:55:08 2013 -0400

    Merge topic 'coverity-generated-tests' into next
    
    7eddefd TestDriver.cxx.in: Untrusted array index read.


http://cmake.org/gitweb?p=cmake.git;a=commitdiff;h=7eddefd8f1375c5c6f2fbe6e0e51f14bdc1f8886
commit 7eddefd8f1375c5c6f2fbe6e0e51f14bdc1f8886
Author:     Matt McCormick <matt.mccormick at kitware.com>
AuthorDate: Mon Oct 7 17:10:06 2013 +0000
Commit:     Matt McCormick <matt.mccormick at kitware.com>
CommitDate: Wed Oct 16 10:11:20 2013 +0000

    TestDriver.cxx.in: Untrusted array index read.
    
    As reported by Coverity Scan, if the configured file contains a #include,
    
      Untrusted array index read
      The array index could be controlled by an attacker, leading to reads outside
      the bounds of the array.
      In main: Read from array at index computed using an unscrutinized value from
      an untrusted source (CWE-129)
    
      CID 1081283 (#1 of 1): Untrusted array index read (TAINTED_SCALAR)
      25. tainted_data: Using tainted variable "testToRun" as an index into an array
      "cmakeGeneratedFunctionMapEntries".

diff --git a/Templates/TestDriver.cxx.in b/Templates/TestDriver.cxx.in
index f4510bb..03916bf 100644
--- a/Templates/TestDriver.cxx.in
+++ b/Templates/TestDriver.cxx.in
@@ -137,6 +137,13 @@ int main(int ac, char *av[])
     {
     int result;
 @CMAKE_TESTDRIVER_BEFORE_TESTMAIN@
+    if (testToRun < 0 || testToRun >= NumTests)
+      {
+      printf(
+        "testToRun was modified by TestDriver code to an invalid value: %3d.\n",
+        testNum);
+      return -1;
+      }
     result = (*cmakeGeneratedFunctionMapEntries[testToRun].func)(ac, av);
 @CMAKE_TESTDRIVER_AFTER_TESTMAIN@
     return result;

-----------------------------------------------------------------------

Summary of changes:
 Templates/TestDriver.cxx.in |    7 +++++++
 1 files changed, 7 insertions(+), 0 deletions(-)


hooks/post-receive
-- 
CMake

More information about the Cmake-commits mailing list