Skip to content

testing for dave #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
markhermeling wants to merge 1 commit into
base: release/HelpGuru
Choose a base branch
from
Open

testing for dave #10

markhermeling wants to merge 1 commit into from

Conversation

@markhermeling
Copy link

@markhermeling markhermeling commented Jun 19, 2024

No description provided.

@github-actions
Copy link

github-actions bot commented Jun 19, 2024

CodeSonar analysis

Analysis results are available on the CodeSonar hub

Severity Count
High 0
Medium 3
Low 2
Warning Class Count
Null Pointer Dereference 2
Buffer Overrun 1
Redundant Condition 1
Unreachable Data Flow 1

Generated by CodeSonar

github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 19, 2024
View reviewed changes
src/slist_wc.c
new_len = strlen(dest) + strlen(s) + 1;
new_loc = (char *) malloc(new_len);
strcpy(new_loc, dest);
if (!new_loc) return dest; /* Can't do it, throw away the data */

Check warning

Code scanning / CodeSonar

Unreachable Data Flow

The highlighted code will not execute under any circumstances. This may be because of: - A function call that does not return. - A test whose result is always the same: look for a preceding Redundant Condition warning. - A crashing bug. Look for a preceding Null Pointer Dereference or Division By Zero warning.
src/slist_wc.c
new_len = strlen(dest) + strlen(s) + 1;
new_loc = (char *) malloc(new_len);
strcpy(new_loc, dest);
if (!new_loc) return dest; /* Can't do it, throw away the data */

Check warning

Code scanning / CodeSonar

Redundant Condition

new_loc always evaluates to true. This may be because: - There is a constant assignment to one or more of the variables involved. - An earlier conditional statement has already ensured that new_loc cannot be false. - A crashing bug occurs on every path where new_loc could have evaluated to false. Look for a preceding Null Pointer Dereference or Division By Zero warning.
src/slist_wc.c
}
new_len = strlen(dest) + strlen(s) + 1;
new_loc = (char *) malloc(new_len);
strcpy(new_loc, dest);

Check failure

Code scanning / CodeSonar

Null Pointer Dereference

The body of strcpy() dereferences new_loc, but it is NULL.The issue can occur if the highlighted code executes.
src/slist_wc.c
we always allocate for enough space before appending. */
if (!dest) {
new_loc = (char *) malloc(strlen(s))+1;
strcpy(new_loc, s);

Check failure

Code scanning / CodeSonar

Null Pointer Dereference

The body of strcpy() dereferences new_loc, but it has an invalid value. - new_loc evaluates to 1. - CodeSonar is configured to issue warnings when code dereferences pointers whose value is lower than 4096. (This value can be adjusted using configuration parameter NULL_POINTER_THRESHOLD.).The issue can occur if the highlighted code executes.
src/slist_wc.c
we always allocate for enough space before appending. */
if (!dest) {
new_loc = (char *) malloc(strlen(s))+1;
strcpy(new_loc, s);

Check failure

Code scanning / CodeSonar

Buffer Overrun

This code writes past the end of the buffer pointed to by new_loc. - new_loc evaluates to malloc(strlen(s)) + 1[[slist_wc.c:43]]. - strcpy() writes to the byte at an offset that is the length of the string pointed to by s, plus 1 from the beginning of the buffer pointed to by new_loc. - The offset exceeds the capacity. - The length of the string pointed to by s, plus 1 is no less than 1. - The capacity of the buffer pointed to by new_loc, in bytes, is the length of the string pointed to by s, which is bounded below by 0. - The overrun occurs in heap memory.The issue can occur if the highlighted code executes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@markhermeling