From 7eddefd8f1375c5c6f2fbe6e0e51f14bdc1f8886 Mon Sep 17 00:00:00 2001
From: Matt McCormick <matt.mccormick@kitware.com>
Date: Mon, 7 Oct 2013 17:10:06 +0000
Subject: [PATCH] TestDriver.cxx.in: Untrusted array index read.

As reported by Coverity Scan, if the configured file contains a #include,

  Untrusted array index read
  The array index could be controlled by an attacker, leading to reads outside
  the bounds of the array.
  In main: Read from array at index computed using an unscrutinized value from
  an untrusted source (CWE-129)

  CID 1081283 (#1 of 1): Untrusted array index read (TAINTED_SCALAR)
  25. tainted_data: Using tainted variable "testToRun" as an index into an array
  "cmakeGeneratedFunctionMapEntries".
---
 Templates/TestDriver.cxx.in | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/Templates/TestDriver.cxx.in b/Templates/TestDriver.cxx.in
index f4510bb55..03916bf74 100644
--- a/Templates/TestDriver.cxx.in
+++ b/Templates/TestDriver.cxx.in
@@ -137,6 +137,13 @@ int main(int ac, char *av[])
     {
     int result;
 @CMAKE_TESTDRIVER_BEFORE_TESTMAIN@
+    if (testToRun < 0 || testToRun >= NumTests)
+      {
+      printf(
+        "testToRun was modified by TestDriver code to an invalid value: %3d.\n",
+        testNum);
+      return -1;
+      }
     result = (*cmakeGeneratedFunctionMapEntries[testToRun].func)(ac, av);
 @CMAKE_TESTDRIVER_AFTER_TESTMAIN@
     return result;