Fix warning about out-of-bound read

Actually the second part of the condition guaranteed that an out-of-bound read would never occur but now code is neater. It was: for (j = 0; (j < "too_large_bound") && (const_ca[i].saklist[j] >= 0); j++) Problem reported by Coverity CID 1090332 (#1 of 1): Out-of-bounds read (OVERRUN) 67. overrun-local: Overrunning array "const_ca[i].saklist" of 8 4-byte elements at element index 31 (byte offset 124) using index "j" (which evaluates to 31).
2013-09-19 23:08:06 +02:00 · 2013-09-19 23:08:06 +02:00 · b6b63f10b4
commit b6b63f10b4
parent 3e7dab1e8d
1 changed files with 1 additions and 1 deletions
--- a/libnfc/target-subr.c
+++ b/libnfc/target-subr.c
@ -412,7 +412,7 @@ snprint_nfc_iso14443a_info(char *dst, size_t size, const nfc_iso14443a_info *pna

    for (i = 0; i < sizeof(const_ca) / sizeof(const_ca[0]); i++) {
      if ((atqa & const_ca[i].mask) == const_ca[i].atqa) {
-        for (j = 0; (j < sizeof(const_ca[i].saklist)) && (const_ca[i].saklist[j] >= 0); j++) {
+        for (j = 0; (j < sizeof(const_ca[i].saklist) / sizeof(const_ca[i].saklist[0])) && (const_ca[i].saklist[j] >= 0); j++) {
          int sakindex = const_ca[i].saklist[j];
          if ((sak & const_cs[sakindex].mask) == const_cs[sakindex].sak) {
            off += snprintf(dst + off, size - off, "* %s%s\n", const_ca[i].type, const_cs[sakindex].type);