Text  |   XML   |   Visible Warnings:

pvm3.4.6 : pvm3.4.6 analysis 2 : Integer Overflow of Allocation Size  at cmds.c:494

Categories: ALLOC.IOAS BSI:MALLOC-OVERFLOW CWE:680
Warning ID: 499.29281
Procedure: newalias
Trace: view
Modified: Thu Nov 26 11:36:46 2009   show details
 
Priority: None
State: None
Finding: None
Owner: None
  edit properties

Legend [ X ]
Warning Location
Contributes
Parse Error
Other Warning
Two or More Loop Iterations
On Execution Path
Comment
Macro
Preprocessor
Include
Keyword
Preprocessed Away
Legend
Warning Location Contributes Parse Error
Other Warning Two or More Loop Iterations On Execution Path
Comment Macro Preprocessor
Include Keyword Preprocessed Away

Source  |  Language: C Hide Legend     
ProblemLineSource
   /kat0/fletcher/SATE/2010/pvm3/console/cmds.c
   Enter newalias
 484 struct alias * 
 485 newalias(name, num, args) 
 486         char *name;
 487         int num;
 488         char **args;
 489 {
 490         struct alias *ap, *ap2;
 491  
 492         ap = TALLOC(1, struct alias, "alias");
 493         ap->a_name = STRALLOC(name);   /* Null Pointer Dereference (ID: 500.29282) */
true494         ap->a_args = TALLOC(num + 1, char *, "aargs");     /* Integer Overflow of Allocation Size */
Preconditions 
$input_12 = 0
Postconditions 
ap' = &$heap_443510
bytes_after(&$heap_443510)' = 24
$heap_443510' is allocated by malloc
$heap_443510' is allocated
bytes_before(&$heap_443510)' = 0
((char*)&$heap_443510)[8]' = &$heap_443511
$heap_443511' = *name
bytes_after(&$heap_443511)' = strlen(name) + 1
$heap_443511' is allocated by malloc
$heap_443511' is allocated
bytes_before(&$heap_443511)' = 0
strlen(&$heap_443511)' = strlen(name)
tocttou($heap_443511)' = tocttou(*name)



Change Warning 499.29281 : Integer Overflow of Allocation Size

Priority:
State:
Finding:
Owner:
Note: