Uploaded image for project: 'C Driver'
  1. C Driver
  2. CDRIVER-2596

Coverity analysis defect 101171: Integer overflow

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major - P3 Major - P3
    • 1.10.0
    • None
    • None
    • None

    Description

      An integer overflow occurs, with the overflowed value used in a sensitive operation

      Defect 101171 (STATIC_C)
      Checker INTEGER_OVERFLOW (subcategory none)
      File: /src/bson/bson-string.c
      Function bson_strncpy
      /src/bson/bson-string.c, line: 569
      Subtract operation overflows on operands "size" and "1UL", whose values are unsigned constants, 0 and 1, respectively.

             dst[size - 1] = '\0';

      File: /src/bson/bson-string.c
      Function bson_strncpy
      /src/bson/bson-string.c, line: 569
      Subtract operation overflows on operands "size" and "1UL".

             dst[size - 1] = '\0';

      /src/bson/bson-string.c, line: 569
      Overflowed or truncated value (or a value computed from an overflowed or truncated value) "dst + (size - 1UL)" dereferenced.

             dst[size - 1] = '\0';

      Attachments

        Activity

          People

            jesse@mongodb.com A. Jesse Jiryu Davis
            xgen-internal-coverity Coverity Collector User
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: