Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu, 4 Sep 2014 13:13:58 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: New static analysis results

On Thu, Sep 04, 2014 at 08:45:45PM +0400, Alexander Monakov wrote:
> Hello,
> 
> I'm happy to report a few new results from running static code analysis on
> musl (from a tool developed where I work).
> 
> ctime.c:5
>     localtime(t) may return NULL, but that will cause UB in asctime

Yes, I need to look into what ctime should do in this case though...

> regexec.c:253
>     "return REG_NOMATCH;" in GET_NEXT_WCHAR leaks memory allocated for 'buf'

This should be checked, but it sounds likely.

> lookup_serv.c:55
> getnameinfo.c:99
>     pointless "if (!p) continue;" when "if (!*p) continue;" was probably
>     intended

I'd have to look at the code but it's possible the intent was leftover
from old code that was changed rather than being what you think. But I
think your proposed change is probably right for the current code.
Looks low-priority anyway (only affects parsing invalid hosts/services
files).

> fpathconf.c
>     off-by-one error in range check (if (name >= sizeof ...))

Indeed. This should be fixed.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.