dr_wav (dev): Coverity flagged Untrusted loop bound (CWE-606) in `drwav_init__internal`

mackron / dr_libs

Audio decoding libraries for C/C++, each in a single source file.

Other

1.24k stars 205 forks source link

dr_wav (dev): Coverity flagged Untrusted loop bound (CWE-606) in `drwav_init__internal` #218

Closed kcgen closed 2 years ago

kcgen commented 2 years ago

_"An attacker could control the number of times the loop iterates. In drwav_init__internal, an unscrutinized value from an untrusted source used as a loop bound (CWE-606)"_

2021-12-07_10-03 2021-12-07_10-03_1 2021-12-07_10-04 2021-12-07_10-04_1

mackron commented 2 years ago

Same as https://github.com/mackron/dr_libs/issues/219. Nothing to fix here because a chunk size can be anything and there's nothing practical to use as a bound check. If the data is invalid, seeking will fail. Setting to wontfix.

kcgen commented 2 years ago

Thanks for the explanation @mackron.

My guess is it wanted a logical bound: a simple example might be that the chunk-size (should) never exceed the WAV file size. None the less, if the seek routine will catch it - then might as well pass it through to try.

I've marked it as a false-positive and won'tfix - thanks for the quick assessment @mackron !