[profile] Prevent potential division by zero

Limit the profile sample count to INT_MAX to avoid both signed
overflow and a potential division by zero when updating the stored
mean value.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 6 years ago
parent
commit
ae93064496
1 changed file with 4 additions and 2 deletions
src/core/profile.c

@@ -26,6 +26,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
26 26
 #include <stdint.h>
27 27
 #include <stdio.h>
28 28
 #include <strings.h>
29
+#include <limits.h>
29 30
 #include <assert.h>
30 31
 #include <ipxe/isqrt.h>
31 32
 #include <ipxe/profile.h>
@@ -122,8 +123,9 @@ void profile_update ( struct profiler *profiler, unsigned long sample ) {
122 123
 	 */
123 124
 	assert ( ( ( signed ) sample ) >= 0 );
124 125
 
125
-	/* Update sample count */
126
-	profiler->count++;
126
+	/* Update sample count, limiting to avoid signed overflow */
127
+	if ( profiler->count < INT_MAX )
128
+		profiler->count++;
127 129
 
128 130
 	/* Adjust mean sample value scale if necessary.  Skip if
129 131
 	 * sample is zero (in which case flsl(sample)-1 would
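
Review bot: The new comment above the `if ( profiler->count < INT_MAX )` guard gives only signed overflow as the reason, while the commit message also names a potential division by zero when the stored mean is updated; the comment should state both, since the division-by-zero case is the one the subject line is about. It would also help to document what saturation means for the results: once the count stops at INT_MAX the function still carries on past the guard with each new sample, so the count no longer equals the number of samples seen and anything derived from it is approximate from then on. A short note such as "count saturates at INT_MAX; statistics are approximate beyond that" next to the guard would make this explicit for readers of the profiler output.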
