Text  |   XML   |   Visible Warnings:

Irssi : Irssi analysis 1 : Buffer Overrun  at network.c:426

Categories: LANG.MEM.BO CWE:120 CWE:121 CWE:122 CWE:126
Warning ID: 2088.2089
Similar Warnings: 2088.2088
Procedure: net_gethostbyname
Trace: View
Modified: Wed Sep 2 11:51:08 2009   show details
 
Priority: None
State: None
Finding: None
Owner: None
  edit properties

Legend [ X ]
Warning Location
Contributes
Parse Error
Other Warning
Two or More Loop Iterations
On Execution Path
Comment
Macro
Preprocessor
Include
Keyword
Preprocessed Away
Legend
Warning Location Contributes Parse Error
Other Warning Two or More Loop Iterations On Execution Path
Comment Macro Preprocessor
Include Keyword Preprocessed Away

Source  |  Language: C Hide Legend     
ProblemLineSource
   /u1/paul/SATE/2010/c/irssi/irssi-0.8.14/src/core/network.c
   Enter net_gethostbyname
 399 int net_gethostbyname(const char *addr, IPADDR *ip4, IPADDR *ip6) 
 400 {
 401 #ifdef HAVE_IPV6 
 402         union sockaddr_union *so;
 403         struct addrinfo hints, *ai, *ailist;
 404         int ret, count_v4, count_v6, use_v4, use_v6;
 405 #else 
 406         struct hostent *hp;
 407         int count; 
 408 #endif 
 409  
 410         g_return_val_if_fail(addr != NULL, -1);
 411  
 412         memset(ip4, 0, sizeof(IPADDR));
 413         memset(ip6, 0, sizeof(IPADDR));
 414  
 415 #ifdef HAVE_IPV6 
 416         memset(&hints, 0, sizeof(struct addrinfo));
 417         hints.ai_socktype = SOCK_STREAM;
 418  
 419         /* save error to host_error for later use */ 
true420         ret = getaddrinfo(addr, NULL, &hints, &ailist);   /* Leak (ID: 2087.2087) */
 421         if (ret != 0)
 422                 return ret;
 423  
 424         /* count IPs */ 
 425         count_v4 = count_v6 = 0;
bytes_after(ailist) < 48426         for (ai = ailist; ai != NULL; ai = ai->ai_next) {     /* Buffer Overrun */
 427                 if (ai->ai_family == AF_INET)
 428                         count_v4++;
 429                 else if (ai->ai_family == AF_INET6)
bytes_after(ai) < 48430                         count_v6++;
Preconditions 
$param_1 >= 1
&$unknown_41477 = 10
Postconditions 
_g_boolean_var_' = 1
addr' = $param_1
ai' = &$heap_487
ailist' = &$heap_487
count_v4' = 0
count_v6' = 1
$heap_486' is allocated by malloc
$heap_486' is allocated
bytes_before(&$heap_486)' = 0
bytes_after(&$heap_487)' = 32
$heap_487' is allocated by malloc
$heap_487' is allocated
bytes_before(&$heap_487)' = 0
((char*)&$heap_487)[20]' = &$heap_488
((char*)&$heap_487)[24]' = &$heap_486
((char*)&$heap_487)[4]' = &$unknown_41477
$heap_488' = 10
bytes_after(&$heap_488)' = 28
$heap_488' is allocated by malloc
$heap_488' is allocated
bytes_before(&$heap_488)' = 0
hints.ai_flags' = 0
hints.ai_socktype' = 1
ip4' = $param_2
ip6' = $param_3
ret' = 0



Change Warning 2088.2089 : Buffer Overrun

Because they are very similar, this warning shares annotations with warning 2088.2088.
CodeSonar has selected warning 2088.2088 to represent this group of similar warnings. In order to edit this group, you must edit warning 2088.2088.