MantisBT - CMake
View Issue Details

ID	Project	Category	View Status	Date Submitted	Last Update
0014488	CMake	CMake	public	2013-10-16 10:16	2016-06-10 14:31

Reporter	Matthew McCormick
Assigned To	Matt McCormick
Priority	normal	Severity	minor	Reproducibility	always
Status	closed	Resolution	moved
Platform		OS		OS Version
Product Version	CMake 2.8.12
Target Version		Fixed in Version

Summary	0014488: TestDriver.cxx.in Untrusted array index read
Description	As reported by Coverity Scan, if the configured file contains a #include, Untrusted array index read The array index could be controlled by an attacker, leading to reads outside the bounds of the array. In main: Read from array at index computed using an unscrutinized value from an untrusted source (CWE-129) CID 1081283 (#1 of 1): Untrusted array index read (TAINTED_SCALAR) 25. tainted_data: Using tainted variable "testToRun" as an index into an array "cmakeGeneratedFunctionMapEntries".
Steps To Reproduce	Analyze the ITK test suite with Coverity Static Analysis.
Additional Information	Patch attached.
Tags	No tags attached.
Relationships
Attached Files	0001-TestDriver.cxx.in-Untrusted-array-index-read.patch (1,435) 2013-10-16 10:16 https://public.kitware.com/Bug/file/4906/0001-TestDriver.cxx.in-Untrusted-array-index-read.patch

Issue History
Date Modified	Username	Field	Change
2013-10-16 10:16	Matthew McCormick	New Issue
2013-10-16 10:16	Matthew McCormick	File Added: 0001-TestDriver.cxx.in-Untrusted-array-index-read.patch
2013-10-16 15:15	Bill Hoffman	Assigned To	=> Matt McCormick
2013-10-16 15:15	Bill Hoffman	Status	new => assigned
2013-10-18 16:17	Matthew McCormick	Note Added: 0034164
2016-06-10 14:29	Kitware Robot	Note Added: 0042395
2016-06-10 14:29	Kitware Robot	Status	assigned => resolved
2016-06-10 14:29	Kitware Robot	Resolution	open => moved
2016-06-10 14:31	Kitware Robot	Status	resolved => closed

Notes