From c41e6e9779846edf6eb1df636a344a9bd01a79ca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=AD=8F=E5=AD=90=E6=81=92?= <weiziheng4@huawei.com>
Date: Wed, 14 May 2025 11:13:51 +0800
Subject: [PATCH] bugfix
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: 魏子恒 <weiziheng4@huawei.com>
---
 .../js/src/mod_fs/class_watcher/watcher_entity.cpp   | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/interfaces/kits/js/src/mod_fs/class_watcher/watcher_entity.cpp b/interfaces/kits/js/src/mod_fs/class_watcher/watcher_entity.cpp
index 2cdb84a7e..41e2fdf48 100644
--- a/interfaces/kits/js/src/mod_fs/class_watcher/watcher_entity.cpp
+++ b/interfaces/kits/js/src/mod_fs/class_watcher/watcher_entity.cpp
@@ -194,6 +194,18 @@ void FileWatcher::ReadNotifyEvent(WatcherCallback callback)
     while (((len = read(notifyFd_, &buf, sizeof(buf))) < 0) && (errno == EINTR)) {};
     while (index < len) {
         event = reinterpret_cast<inotify_event *>(buf + index);
+        if (sizeof(struct inotify_event) > (len - index)) {
+            HILOGE("out of bounds access, len: %lu, index: %d, inotify: %zu",
+                    static_cast<unsigned long>(len), index, sizeof(struct inotify_event));
+            break;
+        }
+        if (static_cast<unsigned int>(event->len) > 
+           (static_cast<unsigned int>(len - index - sizeof(struct inotify_event)))) {
+            HILOGE("out of bounds access, index: %d, inotify: %zu, event :%lu, len: %lu",
+                    index, sizeof(struct inotify_event),
+                    static_cast<unsigned long>(event->len), static_cast<unsigned long>(len));
+            break;
+        }
         NotifyEvent(event, callback);
         index += sizeof(struct inotify_event) + static_cast<int>(event->len);
     }
-- 
Gitee