CID 467267: Insecure data handling (INTEGER_OVERFLOW)
The cast of "hdr->error_no" to a signed type could result in a negative number.
Indeed, if a client sends a very large ->error_no, this could end up
with a negative errno value. This doesn't seem like an issue, but
nonetheless tighten up our validation.
For some reason Coverity only complained about tran_pipe.c, but the same
problem exists in tran_sock.c.
Indeed, if a client sends a very large ->error_no, this could end up with a negative errno value. This doesn't seem like an issue, but nonetheless tighten up our validation.
For some reason Coverity only complained about tran_pipe.c, but the same problem exists in tran_sock.c.
Signed-off-by: John Levon john.levon@nutanix.com