Uploaded image for project: 'C Driver'
  1. C Driver
  2. CDRIVER-2595

Coverity analysis defect 101170: Integer overflow

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 1.10.0
    • Affects Version/s: None
    • Component/s: None
    • Labels:
      None

      An integer overflow occurs, with the overflowed value used in a sensitive operation

      Defect 101170 (STATIC_C)
      Checker INTEGER_OVERFLOW (subcategory none)
      File: /src/bson/bson-string.c
      Function bson_vsnprintf
      /src/bson/bson-string.c, line: 622
      Subtract operation overflows on operands "size" and "1UL", whose values are unsigned constants, 0 and 1, respectively. 

             str[size - 1] = '\0';

      File: /src/bson/bson-string.c
      Function bson_vsnprintf
      /src/bson/bson-string.c, line: 622
      Subtract operation overflows on operands "size" and "1UL". 

             str[size - 1] = '\0';

      /src/bson/bson-string.c, line: 622
      Overflowed or truncated value (or a value computed from an overflowed or truncated value) "str + (size - 1UL)" dereferenced. 

             str[size - 1] = '\0';

            Assignee:
            jesse@mongodb.com A. Jesse Jiryu Davis
            Reporter:
            xgen-internal-coverity Coverity Collector User
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: