Fix Coverity 524: NEGATIVE_RETURNS

Coverity sees that two calls to tvb_length_remaining() with an offset of 0 may return -1 (for an "out of bounds" condition), which would lead to an assignment of -1 to an unsigned variable and then passing it to functions further down that cannot accept negative values. Use tvb_ensure_length_remaining() to throw an exception in a case of out of bounds access (though unlikely with an offset of 0) instead of tvb_length_remaining(), which would return -1. svn path=/trunk/; revision=36615
author: Stephen Fisher <steve@stephen-fisher.com> 2011-04-12 22:23:03 +0000
committer: Stephen Fisher <steve@stephen-fisher.com> 2011-04-12 22:23:03 +0000
commit: 4b416d92d0679ec449260cd6d3b7b1d608fb550f (patch)
tree: 7c83ba656414dbe73241641bf022760d5a5243bd /asn1
parent: ce2eea5b95fcef8f91d510d2acb7ff2ff0e7721f (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/asn1/snmp/packet-snmp-template.c b/asn1/snmp/packet-snmp-template.c
index 2162905525..216a6c01eb 100644
--- a/asn1/snmp/packet-snmp-template.c
+++ b/asn1/snmp/packet-snmp-template.c
@@ -1174,9 +1174,9 @@ get_user_assoc(tvbuff_t* engine_tvb, tvbuff_t* user_tvb)
 
 	if (! ( user_tvb && engine_tvb ) ) return NULL;
 
-	given_username_len = tvb_length_remaining(user_tvb,0);
+	given_username_len = tvb_ensure_length_remaining(user_tvb,0);
 	given_username = ep_tvb_memdup(user_tvb,0,-1);
-	given_engine_len = tvb_length_remaining(engine_tvb,0);
+	given_engine_len = tvb_ensure_length_remaining(engine_tvb,0);
 	given_engine = ep_tvb_memdup(engine_tvb,0,-1);
 
 	for (a = localized_ues; a; a = a->next) {
author	Stephen Fisher <steve@stephen-fisher.com>	2011-04-12 22:23:03 +0000
committer	Stephen Fisher <steve@stephen-fisher.com>	2011-04-12 22:23:03 +0000
commit	4b416d92d0679ec449260cd6d3b7b1d608fb550f (patch)
tree	7c83ba656414dbe73241641bf022760d5a5243bd /asn1
parent	ce2eea5b95fcef8f91d510d2acb7ff2ff0e7721f (diff)