From 9e47ad607b597954e786db6614f5b42123184ccd Mon Sep 17 00:00:00 2001
From: Ben Hilburn <ben.hilburn@ettus.com>
Date: Wed, 27 Nov 2013 12:11:23 -0800
Subject: Squashed merge of Coverity fixes.

---
 host/lib/usrp/common/fx2_ctrl.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'host/lib/usrp/common')

diff --git a/host/lib/usrp/common/fx2_ctrl.cpp b/host/lib/usrp/common/fx2_ctrl.cpp
index 6111efea9..d68bf6058 100644
--- a/host/lib/usrp/common/fx2_ctrl.cpp
+++ b/host/lib/usrp/common/fx2_ctrl.cpp
@@ -119,6 +119,9 @@ bool parse_record(std::string *record, unsigned int &len,
     std::istringstream(record->substr(3, 4)) >> std::hex >> addr;
     std::istringstream(record->substr(7, 2)) >> std::hex >> type;
 
+    if (len > (2 * (record->length() - 9)))  // sanity check to prevent buffer overrun
+        return false;
+
     for (i = 0; i < len; i++) {
         std::istringstream(record->substr(9 + 2 * i, 2)) >> std::hex >> val;
         data[i] = (unsigned char) val;
@@ -181,6 +184,9 @@ public:
            std::string record;
            file >> record;
 
+        if (!(record.length() > 0))
+            continue;
+
             //check for valid record
             if (not checksum(&record) or not parse_record(&record, len, addr, type, data)) {
                 throw uhd::io_error("usrp_load_firmware: bad record checksum");
-- 
cgit v1.2.3