From c0ed7e4c7c4da7345fbb8bab91ca818d14951380 Mon Sep 17 00:00:00 2001
From: Sebastien GODARD <sysstat@users.noreply.github.com>
Date: Wed, 9 Mar 2022 16:53:27 +0100
Subject: [PATCH] Add sanity checks on values read from file

Check upper bounds for @nr and @nr2 read from file to convert.

Signed-off-by: Sebastien GODARD <sysstat@users.noreply.github.com>
---
 sa_conv.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/sa_conv.c b/sa_conv.c
index 08778e0..77f8e5e 100644
--- a/sa_conv.c
+++ b/sa_conv.c
@@ -318,7 +318,8 @@ int upgrade_header_section(char dfile[], int fd, int stdfd, struct activity *act
 			swap_struct(oact_types_nr, ofal, *arch_64);
 		}
 
-		if ((ofal->nr < 1) || (ofal->nr2 < 1))
+		if ((ofal->nr < 1) || (ofal->nr2 < 1) ||
+		    (ofal->nr > NR_MAX) || (ofal->nr2 > NR2_MAX))
 			/*
 			 * Every activity, known or unknown,
 			 * should have at least one item and sub-item.
@@ -373,6 +374,7 @@ int upgrade_header_section(char dfile[], int fd, int stdfd, struct activity *act
 				act[p]->nr2    = ofal->nr2;
 			}
 		}
+		/* else: Unknown activity. Maybe an old one which has been made obsolete? */
 	}
 
 	if (!a_cpu) {
-- 
2.40.0