Fix untrusted value used as argument

sa_vol_act_nr is read from an untrusted source and used as a loop boundary. Check it before using it. CID #29720. Signed-off-by: Sebastien GODARD <sysstat@users.noreply.github.com>
sysstat · Oct 6, 2015 · 5dade14 · 5dade14
1 parent 4e4ecc3
commit 5dade14
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/sadc.c b/sadc.c
@@ -896,9 +896,11 @@ void open_ofile(int *ofd, char ofile[], int restart_mark)
 	}
 
 	/* OK: It's a true system activity file */
-	if (!file_hdr.sa_act_nr || (file_hdr.sa_act_nr > NR_ACT))
+	if (!file_hdr.sa_act_nr || (file_hdr.sa_act_nr > NR_ACT) ||
+	    (file_hdr.sa_vol_act_nr > NR_ACT))
 		/*
-		 * No activities at all or at least one unknown activity:
+		 * No activities at all or at least one unknown activity,
+		 * or too many volatile activities:
 		 * Cannot append data to such a file.
 		 */
 		goto append_error;