Coverity INTEGER_OVERFLOW - CID 10641
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Nux | Status tracked in 4.0 | |||||
4.0 |
Fix Released
|
Medium
|
Unassigned | |||
nux (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
This bug is exported from the Coverity Integration Manager on Canonical's servers. For information on how this is done please see this website: https:/
CID: 10641
Checker: INTEGER_OVERFLOW
Category: critical_argument
CWE definition: http://
File: /tmp/buildd/
Function: TiXmlDocument:
Code snippet:
At conditional: "*p == 10" taking False branch
At conditional: "*p == 10" taking False branch
At conditional: "*p == 10" taking True branch
1157 if ( *p == 0xa )
1158 {
1159 // Newline character. No special rules for this. Append all the characters
1160 // since the last string, and include the newline.
CID 10641 - INTEGER_OVERFLOW
Add operation overflows on operands "p - lastPos" and "1L". Example value for operand: "p - lastPos" = 011111111111111
Overflowed or truncated value (or a value computed from an overflowed or truncated value) "p - lastPos + 1L" used as critical argument to function.
1161 data.append ( lastPos, (p - lastPos + 1) ); // append, include the newline
1162 ++p; // move past the newline
1163 lastPos = p; // and point to the new buffer (may be 0)
1164 assert ( p <= (buf + length) );
1165 }
At conditional: "*p == 13" taking False branch
At conditional: "*p == 13" taking False branch
1166 else if ( *p == 0xd )
Related branches
- Jay Taoko (community): Needs Fixing
-
Diff: 6928 lines (+10/-6815)10 files modifiedNux/Theme.cpp (+1/-1)
NuxCore/Makefile.am (+1/-13)
NuxCore/TinyXML/tinystr.cpp (+0/-142)
NuxCore/TinyXML/tinystr.h (+0/-396)
NuxCore/TinyXML/tinyxml.cpp (+0/-2103)
NuxCore/TinyXML/tinyxml.h (+0/-2264)
NuxCore/TinyXML/tinyxmlerror.cpp (+0/-75)
NuxCore/TinyXML/tinyxmlparser.cpp (+0/-1819)
configure.ac (+7/-1)
tools/unity_support_test.c (+1/-1)
Changed in nux (Ubuntu): | |
status: | New → Fix Released |
importance: | Undecided → Medium |
Source file with Coverity annotations.