Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 1.10.0
Affects Version/s: None
Component/s: None
Labels:
None

Confidence Status:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

An integer overflow occurs, with the overflowed value used in a sensitive operation

Defect 101171 (STATIC_C)
Checker INTEGER_OVERFLOW (subcategory none)
File: /src/bson/bson-string.c
Function bson_strncpy
/src/bson/bson-string.c, line: 569
Subtract operation overflows on operands "size" and "1UL", whose values are unsigned constants, 0 and 1, respectively.

       dst[size - 1] = '\0';

File: /src/bson/bson-string.c
Function bson_strncpy
/src/bson/bson-string.c, line: 569
Subtract operation overflows on operands "size" and "1UL".

       dst[size - 1] = '\0';

/src/bson/bson-string.c, line: 569
Overflowed or truncated value (or a value computed from an overflowed or truncated value) "dst + (size - 1UL)" dereferenced.

       dst[size - 1] = '\0';

Assignee:: A. Jesse Jiryu Davis
Reporter:: Coverity Collector User
Votes:: 0 Vote for this issue
Watchers:: 1 Start watching this issue

Created:: Apr 05 2018 06:51:59 PM UTC
Updated:: Oct 28 2023 11:29:57 AM UTC
Resolved:: Apr 13 2018 01:47:06 PM UTC

Details

Description

Attachments

Activity

People

Dates