flawfinder

A flaw reported by Flawfinder, but I don't think it makes sense

本秂侑毒 submitted on 2021-01-29 17:45:29
Question: The question is specific to a pattern that Flawfinder reports: The snippet

    unsigned char child_report;
    ...
    auto readlen = read(pipefd[0], (void *) &child_report, sizeof(child_report));
    if(readlen == -1 || readlen != sizeof(child_report)) {
        _ret.failure = execute_result::PREIO ; // set some flags to report to the caller
        close(pipefd[0]);
        return _ret;
    }
    ...
    int sec_read = read(pipefd[0], (void *) &child_report, sizeof(child_report));
    child_report = 0; // we are not using the read data at all
    //

read() - Check buffer boundaries if used in a loop including recursive loops

若如初见. submitted on 2020-12-10 03:36:11
Question: I have this code and run it with Flawfinder, and I get this output on the read() functions: "Check buffer boundaries if used in a loop including recursive loops" Can anyone see the problem?

    #include <stdlib.h>
    #include <unistd.h>  /* declares read() */

    void func(int fd) {
        char *buf;
        size_t len;
        read(fd, &len, sizeof(len));
        if (len > 1024)
            return;
        buf = malloc(len+1);
        read(fd, buf, len);
        buf[len] = '\0';
    }

Answer 1: You should check the return value of read() to know whether call to read() was success or failure or if read() was
