summaryrefslogtreecommitdiff
path: root/tools/include
diff options
context:
space:
mode:
authorDaniel Palmer <daniel@thingy.jp>2026-05-20 20:19:31 +0900
committerThomas Weißschuh <linux@weissschuh.net>2026-05-20 18:43:17 +0200
commit136ca91411b0b637e862eb7b1cce2a56853edd17 (patch)
treeb6713fca7fadce2da899a3983e5cdc655ca2c006 /tools/include
parent2ee39c5fb3a0cdc5da5026e78718ac7d92ea48c4 (diff)
tools/nolibc: getopt: Fix potential out of bounds access
Running clang-tidy on a program that uses getopt() from nolibc this warning appears: getopt.h:80:6: warning: Out of bound access to memory after the end of the string literal [clang-analyzer-security.ArrayBound] 80 | if (optstring[i] == ':') { This looks like a very unlikely case that an argument inside of argv is being changed between getopt() calls. Adding a check for d becoming 0 in the guard after the loop stops getopt() getting far enough to access beyond the end of the array and seems to correct the issue. Fixes: bae3cd708e8a ("tools/nolibc: add getopt()") Assisted-by: Claude:claude-4.6-sonnet # reproducer Signed-off-by: Daniel Palmer <daniel@thingy.jp> Link: https://patch.msgid.link/20260520111931.1027758-1-daniel@thingy.jp [Thomas: clean up commit message a bit] Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
Diffstat (limited to 'tools/include')
-rw-r--r--tools/include/nolibc/getopt.h2
1 files changed, 1 insertions, 1 deletions
diff --git a/tools/include/nolibc/getopt.h b/tools/include/nolibc/getopt.h
index 87565e3b6a33..3ad140f692df 100644
--- a/tools/include/nolibc/getopt.h
+++ b/tools/include/nolibc/getopt.h
@@ -71,7 +71,7 @@ int getopt(int argc, char * const argv[], const char *optstring)
d = optstring[i++];
} while (d && d != c);
- if (d != c || c == ':') {
+ if (!d || d != c || c == ':') {
optopt = c;
if (optstring[0] != ':' && opterr)
fprintf(stderr, "%s: unrecognized option: %c\n", argv[0], *optchar);