Commit 5a25ce2

bugfix: fix potential infinite loop in checkcfg (-fanalyzer)

It looks like it could happen if a line in /etc/firejail/firejail.config
starts with `netfilter-default ` and there is a space or tab right after
that.

    $ make clean >/dev/null && ./configure --enable-analyzer CC=gcc-14 >/dev/null && make -j 1 >/dev/null
    [...]
    ../../src/firejail/checkcfg.c: In function ‘checkcfg’:
    ../../src/firejail/checkcfg.c:137:40: warning: infinite loop [CWE-835] [-Wanalyzer-infinite-loop]
      137 |                         while (*fname == ' ' || *fname == '\t')
          |                                ^~~~~~
      ‘checkcfg’: events 1-5
        |
        |  137 |                         while (*fname == ' ' || *fname == '\t')
        |      |                                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        |      |                                |      |
        |      |                                |      (2) if it ever follows ‘true’ branch, it will always do so...
        |      |                                (1) infinite loop here
        |      |                                (5) ...to here
        |  138 |                                 ptr++;
        |      |                                 ~~~~~
        |      |                                    |
        |      |                                    (3) ...to here
        |      |                                    (4) looping back...
        |
    [...]

Added on commit 340a6b2 ("added netfilter-default config option in
/etc/firejail/firejail.config", 2016-07-28).

Environment: gcc 14.3.1+r25+g42e99e057bd7-1 on Artix Linux.

1 parent 6355262 commit 5a25ce2

1 file changed, +1 -1 lines changed

src/firejail/checkcfg.c

Lines changed: 1 addition & 1 deletion
@@ -135,7 +135,7 @@ int checkcfg(int val) {
135135
else if (strncmp(ptr, "netfilter-default ", 18) == 0) {
136136
char *fname = ptr + 18;
137137
while (*fname == ' ' || *fname == '\t')
138-
ptr++;
138+
fname++;
139139
char *end = strchr(fname, ' ');
140140
if (end)
141141
*end = '\0';
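
Review bot: On the unchanged `char *end = strchr(fname, ' ');` line right after the fixed loop, the value is terminated only at a space, while the loop above treats both space and tab as separators, so a tab following the file name would stay inside `fname`. Consider terminating at the first space or tab instead, for example with `strcspn(fname, " \t")`. Also, now that the loop advances `fname`, a line that is only `netfilter-default ` followed by whitespace leaves `fname` pointing at an empty string; the visible lines show no check for `*fname == '\0'` after the skip, so if nothing later in this branch rejects an empty name, add that check here.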
