CodeSonar : pvm3.4.6 : Buffer Overrun

pvm3.4.6 : pvm3.4.6 analysis 2 : Buffer Overrun at pvmcruft.c:1055

Categories:	LANG.MEM.BO CWE:120 CWE:121 CWE:122 CWE:126
Warning ID:	244.28881
Procedure:	pvmdsockfile
Trace:	view
Modified:	Thu Nov 26 11:28:21 2009 show details hide details

Priority:	None
State:	None
Finding:	None
Owner:	None
	edit properties

Legend	[ X ]
Warning Location Contributes Parse Error Other Warning Two or More Loop Iterations On Execution Path Comment Macro Preprocessor Include Keyword Preprocessed Away

Legend
Warning Location	Contributes	Parse Error
Other Warning	Two or More Loop Iterations	On Execution Path
Comment	Macro	Preprocessor
Include	Keyword	Preprocessed Away

Source | Language: C

Hide Legend

Problem	Line	Source

			/kat0/fletcher/SATE/2010/pvm3/src/pvmcruft.c

			Enter pvmdsockfile

	1013		char *
	1014		pvmdsockfile()
	1015		{
	1016		static char buf[255];
	1017
	1018		char hna[128];
	1019		char *pvmtmp;
	1020		char *p;
	1021
	1022		#ifdef IMA_CSPP
	1023		int scid = get_scid(); /* default (system) subcomplex ID is 1 */
	1024		#endif
	1025

$input_12 > 237

1026

pvmtmp = pvmgettmp ();

#ifdef SHAREDTMP

if (gethostname(hna, sizeof(hna)-1) == -1) {

1031

pvmlogerror("pvmdsockfile() can't gethostname()\n");

1032

return (char*)0;

1033

}

1034

if (p = CINDEX(hna, '.'))

*p = 0;

...

#else

#ifdef IMA_CSPP

if (scid > 1)

(void)sprintf(buf, TDSOCKNAME_CSPP, pvmtmp, pvm_useruid, scid);

else

#endif

#ifdef WIN32

sprintf( buf, "%s\\pvmd.%s", pvmtmp, username );

1054

#else

strlen(pvmtmp) > 237

1055

(void)sprintf(buf, TDSOCKNAME, pvmtmp, pvm_useruid); /* Buffer Overrun */

Preconditions

$input_12 >= 0
td = 0

Postconditions

$heap_75400' = $input_444
bytes_after(&$heap_75400)' = $input_12 + 1
$heap_75400' is allocated by malloc
$heap_75400' is a non-heap object
bytes_before(&$heap_75400)' = 0
strlen(&$heap_75400)' = $input_12
pvmtmp' = &$heap_75400
td' = &$heap_75400

Change Warning 244.28881 : Buffer Overrun

Priority:
State:
Finding:
Owner:
Note: