
bugfix: fix potential infinite loop in checkcfg (-fanalyzer) #6859


Merged (1 commit), Aug 15, 2025

Conversation

kmk3 (Collaborator) commented Aug 13, 2025

It looks like it could happen if a line in /etc/firejail/firejail.config
starts with `netfilter-default ` and there is a space or tab right after
that.

$ pacman -Q gcc14 glibc
gcc14 14.3.1+r25+g42e99e057bd7-1
glibc 2.42+r3+gbc13db739377-1
$ ./configure --enable-analyzer CC=gcc-14 >/dev/null &&
  make clean >/dev/null && make >/dev/null
[...]
../../src/firejail/checkcfg.c: In function ‘checkcfg’:
../../src/firejail/checkcfg.c:137:40: warning: infinite loop [CWE-835] [-Wanalyzer-infinite-loop]
  137 |                                 while (*fname == ' ' || *fname == '\t')
      |                                        ^~~~~~
  ‘checkcfg’: events 1-5
    |
    |  137 |                                 while (*fname == ' ' || *fname == '\t')
    |      |                                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |                                        |             |
    |      |                                        |             (2) if it ever follows ‘true’ branch, it will always do so...
    |      |                                        (1) infinite loop here
    |      |                                        (5) ...to here
    |  138 |                                         ptr++;
    |      |                                         ~~~~~
    |      |                                            |
    |      |                                            (3) ...to here
    |      |                                            (4) looping back...
    |
[...]

Added on commit 340a6b2 ("added netfilter-default config option in
/etc/firejail/firejail.config", 2016-07-28).
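The loop in the analyzer output tests `*fname` but advances `ptr`, so once `*fname` is a blank the condition can never become false. The block below is an added C illustration of that pattern next to a corrected one; it is example code written for this page, not firejail's checkcfg.c and not the merged fix (the diff is not shown here). The names `skip_blanks_buggy`, `netfilter_default_value`, `KEY`, `BUGGY_CAP` and the two config lines are constructed for the example; the iteration cap exists only so the buggy loop terminates, and the corrected version (advancing the same pointer the condition reads) is an assumed fix.

```c
/* Added illustration of the reported loop pattern; not firejail's code. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define KEY "netfilter-default "   /* keyword plus the mandatory first blank */
#define KEYLEN (sizeof(KEY) - 1)
#define BUGGY_CAP 64                /* bound so the buggy loop terminates here */

/* Constructed config lines (not taken from any real firejail.config).
 * LINE_TRIGGER has a second blank (a tab) right after "netfilter-default ". */
static const char LINE_OK[]      = "netfilter-default /etc/firejail/nolocal.net";
static const char LINE_TRIGGER[] = "netfilter-default \t/etc/firejail/nolocal.net";

/* Buggy pattern as reported: the condition reads *fname, the body advances
 * ptr, so *fname never changes. Bounded by BUGGY_CAP purely for the demo;
 * returns the number of iterations the loop ran. */
static int skip_blanks_buggy(const char *line)
{
    const char *ptr = line;
    const char *fname = line + KEYLEN;
    int steps = 0;
    while ((*fname == ' ' || *fname == '\t') && steps < BUGGY_CAP) {
        ptr++;
        steps++;
    }
    (void)ptr;
    return steps;
}

/* Assumed fix: advance the pointer that is being tested. Returns the start
 * of the filename, or NULL when the line is not a netfilter-default line
 * or the value after the keyword is empty. */
static const char *netfilter_default_value(const char *line)
{
    if (strncmp(line, KEY, KEYLEN) != 0)
        return NULL;
    const char *fname = line + KEYLEN;
    while (*fname == ' ' || *fname == '\t')
        fname++;
    return *fname ? fname : NULL;
}

int main(void)
{
    printf("buggy loop, trigger line: %d iterations (capped at %d)\n",
           skip_blanks_buggy(LINE_TRIGGER), BUGGY_CAP);
    printf("buggy loop, ok line: %d iterations\n", skip_blanks_buggy(LINE_OK));
    const char *v = netfilter_default_value(LINE_TRIGGER);
    printf("fixed parser, trigger line: %s\n", v ? v : "(none)");
    return 0;
}
```

On the trigger line the buggy loop only stops because of the cap; without it the process would spin forever on a config file it has permission to read, which is why the analyzer flags it as CWE-835. The fixed form also rejects a line whose value is only blanks instead of handing back a pointer to the terminating NUL.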

@kmk3 kmk3 added the bugfix This fixes a bug label Aug 13, 2025
@kmk3 kmk3 moved this to Todo in Release 0.9.78 Aug 13, 2025
@kmk3 kmk3 force-pushed the checkcfg-fix-infinite-loop branch from 5a25ce2 to 3f85fa2 August 15, 2025 09:34
@kmk3 kmk3 merged commit 83492f3 into netblue30:master Aug 15, 2025
12 checks passed
@kmk3 kmk3 deleted the checkcfg-fix-infinite-loop branch August 15, 2025 09:39
@github-project-automation github-project-automation bot moved this from Todo to Done in Release 0.9.78 Aug 15, 2025
@kmk3 kmk3 moved this from Done to Done (on RELNOTES) in Release 0.9.78 Aug 18, 2025
Labels: bugfix (This fixes a bug)
1 participant