Text   |  XML   |  ReML   |   Visible Warnings:

Integer Overflow of Allocation Size  at wimaxasncp_dict.c:2493

No properties have been set. | edit properties
Jump to warning location ↓ warning details...
Show Events | Options

yy_push_state

(/home/sate/Testcases/c/cve/wireshark-1.2.0/plugins/wimaxasncp/wimaxasncp_dict.c)expand/collapse
Show more  
 2486      static void yy_push_state (int  new_state )
 2487  {
 2488          if ( (yy_start_stack_ptr) >= (yy_start_stack_depth) )
 2489                  {
 2490                  yy_size_t new_size;
 2491   
 2492                  (yy_start_stack_depth) += YY_START_STACK_INCR;
 2493                  new_size = (yy_start_stack_depth) * sizeof( int );
 2494   
 2495                  if ( ! (yy_start_stack) )
 2496                          (yy_start_stack) = (int *) WimaxasncpDictalloc(new_size  );
 2497   
 2498                  else 
 2499[+]                         (yy_start_stack) = (int *) WimaxasncpDictrealloc((void *) (yy_start_stack),new_size  );
expand/collapse

WimaxasncpDictrealloc

(/home/sate/Testcases/c/cve/wireshark-1.2.0/plugins/wimaxasncp/wimaxasncp_dict.c)expand/collapse
Show more  
 2717  void *WimaxasncpDictrealloc  (void * ptr, yy_size_t  size )
 2718  {
 2719          /* The cast to (char *) in the following accommodates both 
 2720           * implementations that use char* generic pointers, and those
 2721           * that use void* generic pointers.  It works with the latter
 2722           * because both ANSI C and C++ allow castless assignment from
 2723           * any pointer type to void*, and deal with argument conversions 
 2724           * as though doing an assignment.
 2725           */
 2726          return (void *) realloc( (char *) ptr, size );
Show more  
Show more  




Change Warning 3928.30104 : Integer Overflow of Allocation Size

Priority:
State:
Finding:
Owner:
Note: