[master] 7da5a4b33 vai: Avoid potential out-of-bounds access in VSCARAB_LAST
Nils Goroll
nils.goroll at uplex.de
Tue Jul 8 06:54:05 UTC 2025
commit 7da5a4b331a6f1a73f2b5031ad0ea6418e5abcba
Author: Nils Goroll <nils.goroll at uplex.de>
Date: Tue Jul 8 08:52:59 2025 +0200
vai: Avoid potential out-of-bounds access in VSCARAB_LAST
Fixes #4357
diff --git a/bin/varnishd/cache/cache.h b/bin/varnishd/cache/cache.h
index 8885721d6..707447cd0 100644
--- a/bin/varnishd/cache/cache.h
+++ b/bin/varnishd/cache/cache.h
@@ -865,7 +865,8 @@ struct vscarab {
//lint -emacro(64, VSCARAB_ADD_IOV_NORET) weird flexelint bug?
#define VSCARAB_ADD_IOV_NORET(scarab, vec) \
VSCARAB_ADD(scarab, ((struct viov){.lease = VAI_LEASE_NORET, .iov = (vec)}))
-#define VSCARAB_LAST(scarab) (&(scarab)->s[(scarab)->used - 1])
+#define VSCARAB_LAST(scarab) ((scarab)->used > 0 ? \
+ &(scarab)->s[(scarab)->used - 1] : NULL)
#define VSCARAB_CHECK(scarab) do { \
CHECK_OBJ(scarab, VSCARAB_MAGIC); \
More information about the varnish-commit
mailing list