Text  |   XML   |   Visible Warnings:

pvm3.4.6 : pvm3.4.6 analysis 2 : Integer Overflow of Allocation Size  at host.c:494

Categories: ALLOC.IOAS BSI:MALLOC-OVERFLOW CWE:680
Warning ID: 60.28646
Procedure: ht_new
Trace: view
Modified: Thu Nov 26 11:27:14 2009   show details
 
Priority: None
State: None
Finding: None
Owner: None
  edit properties

Legend [ X ]
Warning Location
Contributes
Parse Error
Other Warning
Two or More Loop Iterations
On Execution Path
Comment
Macro
Preprocessor
Include
Keyword
Preprocessed Away
Legend
Warning Location Contributes Parse Error
Other Warning Two or More Loop Iterations On Execution Path
Comment Macro Preprocessor
Include Keyword Preprocessed Away

Source  |  Language: C Hide Legend     
ProblemLineSource
   /kat0/fletcher/SATE/2010/pvm3/src/host.c
   Enter ht_new
 483 struct htab * 
 484 ht_new(siz) 
 485         int siz;                /* initial length of ht_hosts[] */ 
 486 {
 487         struct htab *htp;
 488  
 489         if (siz < 1)
 490                 siz = 1;
 491         htp = TALLOC(1, struct htab, "ht1");
 492         BZERO((char*)htp, sizeof(struct htab));   /* Null Pointer Dereference (ID: 61.28647) */
 493         htp->ht_last = siz;
true494         htp->ht_hosts = TALLOC(siz + 1, struct hostd*, "ht2");     /* Integer Overflow of Allocation Size */
Preconditions 
siz >= 1
$input_12 = 0
Postconditions 
$heap_2026' = 0
bytes_after(&$heap_2026)' = 32
$heap_2026' is allocated by malloc
$heap_2026' is allocated
bytes_before(&$heap_2026)' = 0
((char*)&$heap_2026)[4]' = siz
htp' = &$heap_2026



Change Warning 60.28646 : Integer Overflow of Allocation Size

Priority:
State:
Finding:
Owner:
Note: