Fix Coverity issue OVERRUN

IlanTruanovsky · IlanTruanovsky · commit 11e6399d3b32 · 2023-01-17T11:23:32.000-08:00
lib/pkg_editor/src/pkg_editor.c:1411:9:
  Type: Out-of-bounds read (OVERRUN)

lib/pkg_editor/src/pkg_editor.c:1323:3:
  1. path: Condition "!append_data(&amp;info, 20UL /* sizeof (info) */, z_info, of, 0)", taking false branch. lib/pkg_editor/src/pkg_editor.c:1330:3:
  2. path: Condition "!append_data(dir_name, name_length, z_info, of, 0)", taking false branch. lib/pkg_editor/src/pkg_editor.c:1385:5:
  3. path: Condition "8192UL /* 2 * 4096 */ &lt; name_length", taking false branch. lib/pkg_editor/src/pkg_editor.c:1385:5:
  4. cond_at_most: Checking "8192UL &lt; name_length" implies that "info.name_length" and "name_length" may be up to 8192 on the false branch. lib/pkg_editor/src/pkg_editor.c:1398:5:
  5. path: Condition "dir == NULL", taking false branch. lib/pkg_editor/src/pkg_editor.c:1404:5:
  6. path: Condition "entry", taking true branch. lib/pkg_editor/src/pkg_editor.c:1406:7:
  7. path: Condition "strcmp(entry-&gt;d_name, ".") != 0", taking true branch. lib/pkg_editor/src/pkg_editor.c:1406:7:
  8. path: Condition "strcmp(entry-&gt;d_name, "..") != 0", taking true branch. lib/pkg_editor/src/pkg_editor.c:1411:9:
  9. overrun-local: Overrunning array of 8192 bytes at byte offset 8192 by dereferencing pointer "full_name + name_length". [Note: The source code implementation of the function has been overridden by a builtin model.]
diff --git a/lib/pkg_editor/src/pkg_editor.c b/lib/pkg_editor/src/pkg_editor.c
@@ -1344,7 +1344,7 @@ static acl_pack_kind add_directory(const char *out_file, FILE *of,
 #ifdef _WIN32
 #define FULL_NAME_LENGTH (2 * MAX_PATH)
     char full_name[FULL_NAME_LENGTH];
-    if (FULL_NAME_LENGTH < name_length) {
+    if (FULL_NAME_LENGTH <= name_length) {
       fprintf(stderr, "acl_pkg_pack: Failed to write to %s: %s\n", out_file,
               "Directory name too long");
       return PACK_END;
@@ -1388,7 +1388,7 @@ static acl_pack_kind add_directory(const char *out_file, FILE *of,
     struct dirent *entry;
 #define FULL_NAME_LENGTH (2 * PATH_MAX)
     char full_name[FULL_NAME_LENGTH];
-    if (FULL_NAME_LENGTH < name_length) {
+    if (FULL_NAME_LENGTH <= name_length) {
       fprintf(stderr, "acl_pkg_pack: Failed to write to %s: %s\n", out_file,
               "Directory name too long");
       return PACK_END;
