From 0e94c21a55f713af300ff0fbf59ddee9558c3a0c Mon Sep 17 00:00:00 2001
From: Dirk Hohndel <dirk@hohndel.org>
Date: Tue, 26 Dec 2017 14:04:10 -0800
Subject: Cleanup: prevent potential out of bounds write

Since we cannot store tanks / gases past MAX_CYLINDERS (currently 20),
there is no point in analyzing those data.

Coverity CID 208339

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
---
 core/libdivecomputer.c | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

(limited to 'core')

diff --git a/core/libdivecomputer.c b/core/libdivecomputer.c
index 14fe42a6e..fde142e0d 100644
--- a/core/libdivecomputer.c
+++ b/core/libdivecomputer.c
@@ -115,7 +115,7 @@ static int parse_gasmixes(device_data_t *devdata, struct dive *dive, dc_parser_t
 #endif
 	bool no_volume = true;
 
-	for (i = 0; i < ngases || i < ntanks; i++) {
+	for (i = 0; i < MAX_CYLINDERS && (i < ngases || i < ntanks); i++) {
 		if (i < ngases) {
 			dc_gasmix_t gasmix = { 0 };
 			int o2, he;
@@ -124,10 +124,7 @@ static int parse_gasmixes(device_data_t *devdata, struct dive *dive, dc_parser_t
 			if (rc != DC_STATUS_SUCCESS && rc != DC_STATUS_UNSUPPORTED)
 				return rc;
 
-			if (i >= MAX_CYLINDERS)
-				continue;
-
-			 o2 = lrint(gasmix.oxygen * 1000);
+			o2 = lrint(gasmix.oxygen * 1000);
 			he = lrint(gasmix.helium * 1000);
 
 			/* Ignore bogus data - libdivecomputer does some crazy stuff */
-- 
cgit v1.2.3-70-g09d2