Examples of errors detected by the V579 diagnostic


V579. The 'Foo' function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the N argument.


Apache HTTP Server

V579 The apr_snprintf function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the second argument. libhttpd util_pcre.c 85


AP_DECLARE(apr_size_t) ap_regerror(int errcode,
  const ap_regex_t *preg, char *errbuf, apr_size_t errbuf_size)
{
  ...
  apr_snprintf(errbuf, sizeof errbuf,
    "%s%s%-6d", message, addmessage, (int)preg->re_erroffset);
  ...
}

Far Manager

V579 The memset function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. far treelist.hpp 66


struct TreeItem
{
  int *Last;
  size_t LastCount;
  ...
  void Clear()
  {
    strName.Clear();
    memset(Last,0,sizeof(Last));
    Depth=0;
  }
};

This is what should have been written here: memset(Last,0,LastCount*sizeof(int));


ReactOS

V579 The strncmp function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. vga vbe.c 57


static const PCHAR Nv11Board = "NV11 (GeForce2) Board";
static const PCHAR Nv11Chip = "Chip Rev B2";
static const PCHAR Nv11Vendor = "NVidia Corporation";

BOOLEAN
IsVesaBiosOk(....)
{
  ...
  if (!(strncmp(Vendor, Nv11Vendor, sizeof(Nv11Vendor))) &&
      !(strncmp(Product, Nv11Board, sizeof(Nv11Board))) &&
      !(strncmp(Revision, Nv11Chip, sizeof(Nv11Chip))) &&
      (OemRevision == 0x311))
  ...
}

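The error is this: Nv11Vendor, Nv11Board and Nv11Chip are pointers (PCHAR), so sizeof() returns the pointer size, not the string length. Only the first 4 or 8 characters of each string are compared.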

Identical errors can be found in some other places:

  • V579 The strncmp function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. vga vbe.c 54
  • V579 The WriteFile function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. syssetup logfile.c 188
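The effect of the truncated comparison, as an added example that is not taken from ReactOS: the function names, the array-based fix and the sample strings are constructed for illustration. Declaring the reference string as an array makes sizeof cover the whole text plus its terminating NUL, so the check becomes an exact match.

```c
#include <stdio.h>
#include <string.h>

/* Same shape as the ReactOS snippet: the reference string is a pointer. */
static const char *vendor_ptr = "NVidia Corporation";
/* Assumed fix: an array, so sizeof covers the text plus its NUL. */
static const char vendor_arr[] = "NVidia Corporation";

/* Buggy check: compares only sizeof(char *) bytes (4 or 8). */
int vendor_ok_buggy(const char *vendor)
{
    return strncmp(vendor, vendor_ptr, sizeof(vendor_ptr)) == 0;
}

/* Fixed check: compares the whole string, NUL included (exact match). */
int vendor_ok_fixed(const char *vendor)
{
    return strncmp(vendor, vendor_arr, sizeof(vendor_arr)) == 0;
}

int main(void)
{
    /* Constructed inputs: the second shares only the prefix "NVidia C". */
    const char *samples[] = { "NVidia Corporation", "NVidia Clone Ltd." };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-20s buggy=%d fixed=%d\n", samples[i],
               vendor_ok_buggy(samples[i]), vendor_ok_fixed(samples[i]));
    return 0;
}
```

When the reference string has to stay a pointer, as with the keyword parameter in the hunspell examples on this page, strlen() gives the length instead.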

ReactOS

V579 The memset function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. ntoskrnl cmcontrl.c 121


typedef struct _HHIVE
{
  ...
} HHIVE, *PHHIVE;

VOID
CmGetSystemControlValues(....)
{
  PHHIVE SystemHive = (PHHIVE)&CmControlHive;
  ...
  RtlZeroMemory(SystemHive, sizeof(SystemHive));
  ...
}

Most likely this is what should be written here: RtlZeroMemory(SystemHive, sizeof(*SystemHive));


Chromium

V579 The strncmp function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. ppapi_tests test_file_io.cc 759

V579 The strncmp function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. ppapi_tests test_file_io.cc 761


std::string TestFileIO::TestParallelReads() {
  ...
  const char* expected_result_1 =
    "__border__abc__border__";
  const char* expected_result_2 =
    "__border__defghijkl__border__";
  if (strncmp(extended_buf_1, expected_result_1,
              sizeof(expected_result_1)) != 0 ||
      strncmp(extended_buf_2, expected_result_2,
              sizeof(expected_result_2)) != 0) {
  ...
}

Chromium

V579 The strncmp function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. hunspell affixmgr.cxx 3545


int  AffixMgr::parse_convtable(..., const char * keyword)
{
  ...
  if (strncmp(piece, keyword, sizeof(keyword)) != 0) {
  ...
}

Doom 3

V579 The memset function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. DoomDLL megatexture.cpp 542


void idMegaTexture::GenerateMegaMipMaps() {
  ...
  byte *newBlock = (byte *)_alloca( tileSize );
  ...
  memset( newBlock, 0, sizeof( newBlock ) );
  ...
}

Most likely this is what should be written here: memset( newBlock, 0, tileSize );


Mozilla Firefox

V579 The strncmp function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. affixmgr.cpp 3708


int  AffixMgr::parse_convtable(..., const char * keyword)
{
  ...
  if (strncmp(piece, keyword, sizeof(keyword)) != 0) {
      HUNSPELL_WARNING(stderr,
        "error: line %d: table is corrupt\n", af->getlinenum());
      delete *rl;
      *rl = NULL;
      return 1;
  }
  ...
}

Most likely this is what should be written here: if (strncmp(piece, keyword, strlen(keyword)) != 0) {


Mozilla Firefox

V579 The InternetSetOptionW function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the fourth argument. http_upload.cc 152


bool HTTPUpload::SendRequest(..., int *timeout, ...)
{
  if (timeout) {
    if (!InternetSetOption(request.get(),
                           INTERNET_OPTION_SEND_TIMEOUT,
                           timeout,
                           sizeof(timeout))) {
      fwprintf(stderr,
        L"Could not unset send timeout, continuing...\n");
    }
  ...
}

Identical errors can be found in some other places:

  • V579 The InternetSetOptionW function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the fourth argument. http_upload.cc 159

Quake-III-Arena

V579 The memset function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. Radiant xywnd.cpp 3512


void CXYWnd::Paste()
{
  ...
  char* pBuffer = new char[nLen+1];
  memset( pBuffer, 0, sizeof(pBuffer) );
  ...
}

Most likely this is what should be written here: memset( pBuffer, 0, (nLen+1) * sizeof(char) );


Dolphin Emulator

V579 The memcmp function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. VideoDX11 d3dutil.cpp 598


void drawShadedTexSubQuad(...,
  const MathUtil::Rectangle<float>* rDest, ...)
{
  ...
  if (stsq_observer ||
      memcmp(rDest, &tex_sub_quad_data.rdest,
             sizeof(rDest)) != 0 ||
      tex_sub_quad_data.u1 != u1 ||
      tex_sub_quad_data.v1 != v1 ||
      tex_sub_quad_data.u2 != u2 ||
      tex_sub_quad_data.v2 != v2 ||
      tex_sub_quad_data.G != G)
  ...
}

Dolphin Emulator

V579 The memset function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. Core ppcanalyst.cpp 302


u32 Flatten(..., BlockStats *st, ...)
{
  ...
  memset(st, 0, sizeof(st));
  ...
}

Quake-III-Arena

V579 The Com_Memset function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. quake3 cvar.c 763


void Cvar_Restart_f( void ) {
  cvar_t *var;
  ...
  // clear the var completely, since we
  // can't remove the index from the list
  Com_Memset( var, 0, sizeof( var ) );
  ...
}

Most likely this is what should be written here: Com_Memset( var, 0, sizeof( *var ) );


Trinity Core

V579 The strsncpy function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. ace name_request_reply.cpp 251


class ACE_Name_Request
{
  ...
  char *type_;
};

void
ACE_Name_Request::type (const char *c)
{
  ACE_TRACE ("ACE_Name_Request::type");
  ACE_OS::strsncpy (this->type_,
                    c,
                    sizeof this->type_);
}

ADAPTIVE Communication Environment (ACE)

V579 The strsncpy function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. ACE name_request_reply.cpp 251


char *strsncpy (char *dst,
                const char *src,
                size_t maxlen);

class ACE_Export ACE_Name_Request
{
  ...
  /// Pointer to the beginning of the type in this->data_;
  char *type_;
};

void
ACE_Name_Request::type (const char *c)
{
  ACE_TRACE ("ACE_Name_Request::type");
  ACE_OS::strsncpy (this->type_,
                    c,
                    sizeof this->type_);
}

Blender

V579 The memset function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. bf_imbuf tiff.c 442


static int imb_read_tiff_pixels(....)
{
  float *fbuf=NULL;
  ...
  memset(fbuf, 1.0, sizeof(fbuf));
  ...
}

Something else is strange here: 1.0 is passed as the fill value. memset() fills individual bytes, so this cannot set the floats to 1.0.

Identical errors can be found in some other places:

  • V579 The memset function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. bf_imbuf tiff.c 450

PeerBlock

V579 The Curl_strntoupper function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. libcurl rtsp.c 753


void Curl_strntoupper(char *dest, const char *src, size_t n)
{
  if(n < 1)
    return;

  do {
    *dest++ = Curl_raw_toupper(*src);
  } while(*src++ && --n);
}

CURLcode Curl_rtsp_parseheader(....)
{
  ...
  char *temp = strdup(header);
  ...
  Curl_strntoupper(temp, temp, sizeof(temp));
  ...
}

UCSniff

V579 The memset function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. directory_parser.c 1338


int check_name_value(... ,char *target)
{
  ...
  memset(target,'\0',sizeof(target));
  ...
}

MAME

V579 The memcmp function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. apridisk.c 128


static const char *apr_magic =
  "ACT Apricot disk image\x1a\x04";

FLOPPY_IDENTIFY( apridisk_identify )
{
  UINT8 header[APR_HEADER_SIZE];

  /* get header */
  floppy_image_read(floppy, &header, 0, sizeof(header));

  /* look for the magic string */
  if (memcmp(header, apr_magic, sizeof(apr_magic)) == 0)
  ...
}

Trans-Proteomic Pipeline

V579 The strncpy function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. CombineOut out2xml.cxx 210


void Out2XML::writeOutData() {
  ...
  // assume a string of less than
  // 9 characters will represent the charge state
  char *chg=(char*)malloc(10 * sizeof(char));
  // zero-fill the rest of the array
  strncpy(chg, "1", sizeof(chg));
  ...
}

Identical errors can be found in some other places:

  • V579 The strncpy function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. CombineOut out2xml.cxx 214

ffdshow

V579 The memset function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. tfont.cpp 44


TprintPrefs::TprintPrefs(IffdshowBase *Ideci,
                         const TfontSettings *IfontSettings)
{
  // This doesn't seem to help after optimization.
  memset(this, 0, sizeof(this));
  dx = dy = 0;
  isOSD = false;
  xpos = ypos = 0;
  align = 0;
  linespacing = 0;
  sizeDx = 0;
  sizeDy = 0;
  ...
}

Super! As always, the compiler is to blame. This is what should have been written here: sizeof(*this).


ffdshow

V579 The memcpy function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. avisynth.h 695


void Assign(const AVSValue* src, bool init) {
  if (src->IsClip() && src->clip)
    src->clip->AddRef();
  if (!init && IsClip() && clip)
    clip->Release();
  // make sure this copies the whole struct!
  //((__int32*)this)[0] = ((__int32*)src)[0];
  //((__int32*)this)[1] = ((__int32*)src)[1];
  memcpy(this,src,sizeof(this));
}

Come on, you scoundrel, get copied, get copied!


CamStudio

V579 The strcpy_s function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the second argument. camsys.cpp 39


LONG GetRegKey (HKEY key, LPCTSTR subkey, LPTSTR retdata)
{
  HKEY hkey;
  LONG retval = ::RegOpenKeyEx (key, subkey,
    0, KEY_QUERY_VALUE, &hkey);
  if (retval == ERROR_SUCCESS)
  {
    long datasize = MAX_PATH;
    TCHAR data[MAX_PATH];
    ::RegQueryValue (hkey, NULL, data, &datasize);
    // Cause C4996 warning, marked as deprecation candidate
    // _tcscpy (retdata, data);
    // Safe replacement
    strcpy_s(retdata, sizeof(retdata), data );
    ::RegCloseKey (hkey);
  }
  return retval;
}

It was right but unsafe. Then they made it safe but not right :)


Samba

V579 The memset function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. reg_perfcount.c 945


static bool _reg_perfcount_init_data_block(....)
{
  smb_ucs2_t *temp = NULL;
  ....
  memset(temp, 0, sizeof(temp));
  ....
}

Most likely this is what should be written here: sizeof(*temp).

Identical errors can be found in some other places:

  • V579 The cli_api function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the seventh argument. clirap2.c 331
  • V579 The memset function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. engine.c 91
  • V579 The memset function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the third argument. md2.c 133

OpenSSL

V579 The OPENSSL_cleanse function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the second argument. des.c 669

V579 The OPENSSL_cleanse function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the second argument. des.c 670


unsigned char cleanse_ctr = 0;

void OPENSSL_cleanse(void *ptr, size_t len)
{
  unsigned char *p = ptr;
  size_t loop = len, ctr = cleanse_ctr;
  while(loop--)
  {
    *(p++) = (unsigned char)ctr;
    ctr += (17 + ((size_t)p & 0xF));
  }
  p=memchr(ptr, (unsigned char)ctr, len);
  if(p)
    ctr += (63 + (size_t)p);
  cleanse_ctr = (unsigned char)ctr;
}

void usage(void)
{
  static unsigned char *buf=NULL,*obuf=NULL;
  ....
problems:
  OPENSSL_cleanse(buf,sizeof(buf));
  OPENSSL_cleanse(obuf,sizeof(obuf));
  ....
}

Identical errors can be found in some other places:

  • V579 The OPENSSL_cleanse function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the second argument. ec_mult.c 173
  • V579 The OPENSSL_cleanse function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the second argument. ec_mult.c 176
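What a pointer-sized cleanse leaves behind, as an added example that is not OpenSSL code: wipe() is a hypothetical stand-in for a cleanse routine, and KEY_LEN and the 0xAA fill are constructed values. It counts how many bytes of a heap buffer still hold data after each call.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define KEY_LEN 32  /* assumed buffer size for this demonstration */

/* Hypothetical stand-in for a cleanse routine; volatile keeps the stores. */
static void wipe(void *ptr, size_t len)
{
    volatile unsigned char *p = ptr;
    while (len--)
        *p++ = 0;
}

/* Count bytes of the constructed "key" that survive a wipe. */
static size_t surviving(const unsigned char *buf)
{
    size_t n = 0;
    for (size_t i = 0; i < KEY_LEN; i++)
        n += (buf[i] != 0);
    return n;
}

size_t leftover_after_wipe(int use_pointer_size)
{
    unsigned char *buf = malloc(KEY_LEN);
    if (buf == NULL)
        return (size_t)-1;
    memset(buf, 0xAA, KEY_LEN);        /* constructed key material */
    if (use_pointer_size)
        wipe(buf, sizeof(buf));        /* V579 pattern: clears 4 or 8 bytes */
    else
        wipe(buf, KEY_LEN);            /* length tracked with the buffer */
    size_t left = surviving(buf);
    free(buf);
    return left;
}

int main(void)
{
    printf("pointer-sized wipe leaves %zu of %d bytes\n",
           leftover_after_wipe(1), KEY_LEN);
    printf("full-length wipe leaves   %zu of %d bytes\n",
           leftover_after_wipe(0), KEY_LEN);
    return 0;
}
```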
