[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Some potential bugs in make-3.82

From: Zhenbo Xu
Subject: Some potential bugs in make-3.82
Date: Wed, 8 May 2013 11:24:04 +0800

I'm a developer of a static analysis tool canalyze.
Recently I applied it to make-3.82.
It seems some reports are real after by manually checking:
1. Null Dereference
file: hash.c
function: hash_rehash
At line 262: ht->ht_vec = (void **) CALLOC (struct token *, ht->ht_size);
Should we check ht->ht_vec is not null (allocating failing) before we use it?

2. Out of bound
file: function.c
function: func_sort
At line 1150: words = xmalloc (wordi * sizeof (char *));
The value of wordi may be 1.

At line 1171: if (i == wordi - 1 || strlen (words[i + 1]) != len
words[i + 1] may cause overflow.

Hope for your replies!


Zhenbo Xu

reply via email to

[Prev in Thread] Current Thread [Next in Thread]