From f54c77ad937019e3edf77c3888c4ab89bdc6708f Mon Sep 17 00:00:00 2001 From: mmusich Date: Fri, 3 Mar 2023 10:13:15 +0100 Subject: [PATCH] prevent heap-buffer-overflow in SiPixelDynamicInefficiencyPUParametrization --- ...PixelDynamicInefficiency_PayloadInspector.cc | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/CondCore/SiPixelPlugins/plugins/SiPixelDynamicInefficiency_PayloadInspector.cc b/CondCore/SiPixelPlugins/plugins/SiPixelDynamicInefficiency_PayloadInspector.cc index 1804c126adb7c..8712ad0d5ed22 100644 --- a/CondCore/SiPixelPlugins/plugins/SiPixelDynamicInefficiency_PayloadInspector.cc +++ b/CondCore/SiPixelPlugins/plugins/SiPixelDynamicInefficiency_PayloadInspector.cc @@ -819,10 +819,25 @@ namespace { int npar = n + 2; TF1* f1 = new TF1((fmt::sprintf("region: #bf{%s}", namesOfParts[index - 1])).c_str(), func, xmin_, xmax_, npar); + + // push polynomial degree as first entry in the vector params.insert(params.begin(), n); + + // TF1::SetParameters needs a C-style array double* arr = params.data(); f1->SetLineWidth(2); - f1->SetParameters(arr); + + if (n == 1) { + /* special case for constant + using setParameters technically works, but leads to + heap-buffer-overflow + */ + f1->SetParameter(0, arr[0]); + f1->SetParameter(1, arr[1]); + } else { + f1->SetParameters(arr); + } + parametrizations.push_back(f1); // build the formula to be displayed