Date: Thu, 4 Sep 2014 20:45:45 +0400 (MSK) From: Alexander Monakov <amonakov@...ras.ru> To: musl@...ts.openwall.com Subject: New static analysis results Hello, I'm happy to report a few new results from running static code analysis on musl (from a tool developed where I work). ctime.c:5 localtime(t) may return NULL, but that will cause UB in asctime regexec.c:253 "return REG_NOMATCH;" in GET_NEXT_WCHAR leaks memory allocated for 'buf' lookup_serv.c:55 getnameinfo.c:99 pointless "if (!p) continue;" when "if (!*p) continue;" was probably intended fpathconf.c off-by-one error in range check (if (name >= sizeof ...)) Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.