Text  |   XML   |   Visible Warnings:

pvm3.4.6 : pvm3.4.6 analysis 2 : Null Pointer Dereference  at cmds.c:497

Categories: LANG.MEM.NPD CWE:476
Warning ID: 498.29279
Similar Warnings: 498.29280
Procedure: newalias
Trace: view
Modified: Thu Nov 26 11:36:45 2009   show details
 
Priority: None
State: None
Finding: None
Owner: None
  edit properties

Legend [ X ]
Warning Location
Contributes
Parse Error
Other Warning
Two or More Loop Iterations
On Execution Path
Comment
Macro
Preprocessor
Include
Keyword
Preprocessed Away
Legend
Warning Location Contributes Parse Error
Other Warning Two or More Loop Iterations On Execution Path
Comment Macro Preprocessor
Include Keyword Preprocessed Away

Source  |  Language: C Hide Legend     
ProblemLineSource
   /kat0/fletcher/SATE/2010/pvm3/console/cmds.c
   Enter newalias
 484 struct alias * 
 485 newalias(name, num, args) 
 486         char *name;
 487         int num;
 488         char **args;
 489 {
 490         struct alias *ap, *ap2;
 491  
 492         ap = TALLOC(1, struct alias, "alias");
 493         ap->a_name = STRALLOC(name);   /* Null Pointer Dereference (ID: 500.29282) */
true494         ap->a_args = TALLOC(num + 1, char *, "aargs");   /* Integer Overflow of Allocation Size (ID: 499.29281) */
 495         ap->a_num = num;
 496         while (num-- > 0)
ap->a_args <= 4095497                 ap->a_args[num] = STRALLOC(args[num]);     /* Null Pointer Dereference */
Preconditions 
num >= 1
Postconditions 
ap' = &$heap_443385
errno' != 0
bytes_after(&$heap_443385)' = 24
$heap_443385' is allocated by malloc
$heap_443385' is allocated
bytes_before(&$heap_443385)' = 0
((char*)&$heap_443385)[16]' = 0
((char*)&$heap_443385)[8]' = &$heap_443386
((char*)&$heap_443385)[12]' = num
$heap_443386' = *name
bytes_after(&$heap_443386)' = strlen(name) + 1
$heap_443386' is allocated by malloc
$heap_443386' is allocated
bytes_before(&$heap_443386)' = 0
strlen(&$heap_443386)' = strlen(name)
tocttou($heap_443386)' = tocttou(*name)
$heap_443387' = $unknown_12208240
bytes_after(&$heap_443387)' = strlen(&$unknown_12208239) + 1
$heap_443387' is allocated by malloc
$heap_443387' is allocated
bytes_before(&$heap_443387)' = 0
strlen(&$heap_443387)' = strlen(&$unknown_12208240)
tocttou($heap_443387)' = tocttou($unknown_12208240)
num' = num - 1



Change Warning 498.29279 : Null Pointer Dereference

Because they are very similar, this warning shares annotations with warning 498.29280.

Priority:
State:
Finding:
Owner:
Note: