Hi, I initially thought there is a bug in the code and raised the issue. But after analysis, I see that there is no issue and closed the issue.

Thank you,
Vijay
On Friday, December 11, 2020, 08:28:16 a.m. EST, Niels Lohmann <[email protected]> wrote:
?
Veracode scan flagged copied code (line 10707) as potential bug
What is the issue you have?
Buffer overflow
```cpp
10693    if (k == 1)
10694    {
10695        // dE+123
10696        // len <= 1 + 5
10697
10698        buf += 1;
10699    }
10700    else
10701    {
10702        // d.igitsE+123
10703        // len <= max_digits10 + 1 + 5
10704
10705        assert(k > 1);
10706
10707        std::memmove(buf + 2, buf + 1, static_cast<size_t>(k - 1));
10708        buf[1] = '.';
10709        buf += 1 + k;
10710    }
```
In line 10707, buffer is moved from "buf+1" to "buf+2". If the buffer is
full, one character will be moved beyond the buffer causing overflow.
Please describe the steps to reproduce the issue.
Can you provide a small but working code example?
What is the expected behavior?
And what is the actual behavior instead?
Which compiler and operating system are you using?
Which version of the library did you use?
develop branch
If you experience a compilation error: can you compile and run the unit tests?
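As an added illustration (not code from the library or from the issue author), the sketch below wraps the step at lines 10693-10710 in an explicit capacity check, so the precondition that the `memmove` depends on is visible to a reviewer or a static analyzer. The names `insert_point_checked` and `format_digits`, the digit strings and the 64-byte buffer size are assumptions made for this example.

```cpp
#include <cassert>
#include <cstddef>
#include <cstring>
#include <limits>
#include <string>

// Worst-case length from the snippet's comment: d.igitsE+123
constexpr int kMaxDigits = std::numeric_limits<double>::max_digits10;
constexpr std::size_t kWorstCase = kMaxDigits + 1 + 5;
constexpr std::size_t kAssumedBufSize = 64;  // assumption, not from the page
static_assert(kWorstCase <= kAssumedBufSize, "worst case must fit the buffer");

// Hypothetical checked variant of the decimal-point insertion.
// buf holds k digits, cap is the total buffer size. Returns the number of
// bytes in use afterwards, or 0 if the shift would not fit.
std::size_t insert_point_checked(char* buf, std::size_t cap, int k)
{
    if (k < 1) return 0;
    if (k == 1) return cap >= 1 ? 1 : 0;  // single digit: nothing to move
    // memmove copies k-1 bytes to indices 2..k, so index k must exist.
    const std::size_t needed = static_cast<std::size_t>(k) + 1;
    if (needed > cap) return 0;
    std::memmove(buf + 2, buf + 1, static_cast<std::size_t>(k - 1));
    buf[1] = '.';
    return needed;
}

// Runs the step on a constructed digit string in a buffer of `cap` bytes.
std::string format_digits(const std::string& digits, std::size_t cap)
{
    if (digits.empty() || digits.size() > cap) return "";
    std::string buf(cap, '\0');
    std::memcpy(&buf[0], digits.data(), digits.size());
    const std::size_t used =
        insert_point_checked(&buf[0], cap, static_cast<int>(digits.size()));
    return buf.substr(0, used);
}

int main()
{
    // 17 digits with headroom: the shift stays inside the buffer.
    assert(format_digits("12345678901234567", kAssumedBufSize) == "1.2345678901234567");
    // Digits fill the buffer exactly: the checked variant refuses to shift.
    assert(format_digits("12345678901234567", 17).empty());
    return 0;
}
```

The shift is in bounds whenever the caller's buffer holds at least `k + 1` bytes; the remaining 5 bytes of the commented bound cover the `e`, sign and exponent digits appended afterwards.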