dsp: pdr: Bound check pldm_entity_association_pdr_extract()
```
../src/dsp/pdr.c: In function ‘pldm_entity_association_pdr_extract’:
../src/dsp/pdr.c:1333:35: error: use of attacker-controlled value ‘(size_t)((int)*((char *)&*pdr + 10).num_children + 1) * 6’ as allocation size without upper-bounds checking [CWE-789] [-Werror=analyzer-tainted-allocation-size]
1333 | pldm_entity *l_entities = malloc(sizeof(pldm_entity) * l_num_entities);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
Fixes: 9c76679224cf ("libpldm: Migrate to subproject")
Change-Id: I96582ae2b19d22413919ae0a6a9b94e2d3d40f39
Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au>
diff --git a/tests/dsp/pdr.cpp b/tests/dsp/pdr.cpp
index ef6e4e8..30ea9ea 100644
--- a/tests/dsp/pdr.cpp
+++ b/tests/dsp/pdr.cpp
@@ -1561,12 +1561,12 @@
{
std::vector<uint8_t> pdr{};
pdr.resize(sizeof(pldm_pdr_hdr) + sizeof(pldm_pdr_entity_association) +
- sizeof(pldm_entity) * 4);
+ sizeof(pldm_entity) * 5);
// NOLINTNEXTLINE(cppcoreguidelines-pro-type-reinterpret-cast)
pldm_pdr_hdr* hdr = reinterpret_cast<pldm_pdr_hdr*>(pdr.data());
hdr->type = PLDM_PDR_ENTITY_ASSOCIATION;
hdr->length =
- htole16(sizeof(pldm_pdr_entity_association) + sizeof(pldm_entity) * 4);
+ htole16(sizeof(pldm_pdr_entity_association) + sizeof(pldm_entity) * 5);
pldm_pdr_entity_association* e =
// NOLINTNEXTLINE(cppcoreguidelines-pro-type-reinterpret-cast)