V505. The 'alloca' function is used inside the loop. This can quickly overflow stack.
V505 The 'alloca' function is used inside the loop. This can quickly overflow stack. applighter2 scene.cpp 942
// Declares `var` as a `type *` pointing at (size) * sizeof (type) bytes taken from the
// current stack frame with alloca(). The macro does no bounds check on `size`, and memory
// from alloca() is released only when the calling function returns. Expanding the macro
// inside a loop therefore adds a new block to the stack on every iteration.
#define CS_ALLOC_STACK_ARRAY(type, var, size) \
type *var = (type *)alloca ((size) * sizeof (type))
// Excerpt flagged by V505; "...." marks code the page leaves out.
// Walks the portals of sourceSector and, for each one, uses CS_ALLOC_STACK_ARRAY
// (an alloca() wrapper, defined above) to get a temporary vertex array.
void Scene::PropagateLight (....)
{
....
PortalRefArray::Iterator it =
sourceSector->allPortals.GetIterator ();
while (it.HasNext ())
{
....
// One alloca() per loop pass: GetSize () * sizeof (csVector3) bytes each time.
// These blocks are not freed between passes; they pile up in this function's
// stack frame until PropagateLight returns.
// NOTE(review): neither the number of portals nor the per-portal vertex count is
// bounded in the visible code. A heap-backed buffer declared before the loop and
// resized per portal would keep stack use constant.
CS_ALLOC_STACK_ARRAY(csVector3,
tmpVertices, portal->worldVertices.GetSize ());
....
}
}
V505 The 'alloca' function is used inside the loop. This can quickly overflow stack. GridCtrl gridctrl.cpp 2332
// Excerpt flagged by V505; "...." marks code the page leaves out.
// Iterates over the selected rows and writes each cell string to `sf` after a
// T2A() text conversion.
COleDataSource* CGridCtrl::CopyTextFromGrid()
{
....
for (int row = Selection.GetMinRow();
row <= Selection.GetMaxRow(); row++)
{
....
// T2A() runs on every pass of the row loop. As the page notes, the macro obtains
// its conversion buffer from alloca(), so each converted string stays on the stack
// until CopyTextFromGrid returns. Stack use grows with the size of the selection.
// NOTE(review): a conversion object whose lifetime ends with the iteration (for
// example ATL's CT2A class) releases its buffer on every pass instead.
sf.Write(T2A(str.GetBuffer(1)), str.GetLength());
....
}
....
}
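This code is potentially dangerous. The T2A() macro uses the alloca() function. Memory obtained from alloca() is released only when the enclosing function returns, not at the end of each loop iteration, so calling it inside the loop makes stack usage grow with every iteration and can quickly lead to a stack overflow.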
V505 The 'alloca' function is used inside the loop. This can quickly overflow stack. ri polygons.cpp 1120
// Excerpt flagged by V505; "...." marks code the page leaves out.
// The alloca() call sits inside three nested loops: a for loop over nloops and
// two do/while loops that run until a vertex pointer returns to the start of a loop.
inline void triangulatePolygon(....) {
....
for (i=1;i<nloops;i++) {
....
do {
....
do {
....
// Fixed-size request (two CTriVertex objects), but it is issued on every pass of
// the innermost loop and nothing is released until triangulatePolygon returns.
// Total stack use is therefore proportional to the combined iteration count of
// all three loops.
// NOTE(review): that count appears to depend on the polygon data passed in; the
// visible code puts no upper bound on it. Confirm against callers.
CTriVertex *snVertex =
(CTriVertex *) alloca(2*sizeof(CTriVertex));
....
} while(dVertex != loops[0]);
....
} while(sVertex != loops[i]);
....
}
....
}
V505 The 'alloca' function is used inside the loop. This can quickly overflow stack. DeSmuME_VS2005 7zip.cpp 161
// Excerpt flagged by V505; "...." marks code the page leaves out.
// The constructor loops over s_formatInfos until m_typeIndex becomes non-negative
// or the list is exhausted, allocating a signature buffer on the stack each pass.
ArchiveFile::ArchiveFile(const char* filename)
{
....
for(size_t i = 0;
i < s_formatInfos.size() && m_typeIndex < 0;
i++)
{
....
// `len` bytes are taken from the stack on every pass. Buffers from earlier passes
// are not released, so the worst case is the sum of `len` over all entries in
// s_formatInfos, held until the constructor returns.
// NOTE(review): `len` is computed in the elided code, so its range cannot be seen
// here. A single buffer sized for the largest signature, declared before the loop,
// would avoid the accumulation.
char* fileSig = (char*)_alloca(len);
....
}
....
}
V505 The 'alloca' function is used inside the loop. This can quickly overflow stack. rijndael.cpp 1206
// Excerpt flagged by V505; "...." marks code the page leaves out.
// Obtains a 256-byte-aligned stack workspace large enough for a Locals object,
// retrying while AliasedWithTable() returns true for the candidate range.
size_t Rijndael::Enc::AdvancedProcessBlocks(....) const
{
....
do {
// 255 spare bytes cover the worst-case padding added by the alignment step below.
space = (byte *)alloca(255+sizeof(Locals));
// Round `space` up to the next multiple of 256 (adds 0 when already aligned).
space += (256-(size_t)space%256)%256;
}
// Each retry calls alloca() again. The rejected blocks are not released, so every
// extra pass costs another 255+sizeof(Locals) bytes of stack until the function returns.
// NOTE(review): the repeated allocation looks deliberate, since a fresh alloca() is what
// yields a different address to test. However, the visible code does not bound the
// number of retries; confirm that AliasedWithTable() can hold only for a few
// consecutive attempts.
while (AliasedWithTable(space, space+sizeof(Locals)));
....
}
Similar errors can be found in some other places:
V505 The 'alloca' function is used inside the loop. This can quickly overflow stack. audio_io_test.c 247
/* Excerpt flagged by V505; "...." marks code the page leaves out.
 * Repeatedly reads `size` bytes from `input` and, when the read reports success,
 * writes the buffer to `fp` and prints the result. */
int audio_io_loopback_in_test()
{
....
/* The loop body shown contains no break or return, so this loop does not end
 * on its own. */
while (1) {
/* A new `size`-byte block is taken from the stack on every pass and never
 * released while the function is running, so stack use grows without limit.
 * alloca() also gives the caller no way to detect that the stack is exhausted.
 * NOTE(review): `size` does not change inside the loop as shown; allocating
 * the buffer once before the loop would give the same behaviour with constant
 * stack use. */
char *buffer = alloca(size);
if ((ret = audio_in_read(input, (void *)buffer, size)) >
AUDIO_IO_ERROR_NONE) {
fwrite(buffer, size, sizeof(char), fp);
printf("PASS, size=%d, ret=0x%x\n", size, ret);
} else {
printf("FAIL, size=%d, ret=0x%x\n", size, ret);
}
}
....
}
V505 The 'alloca' function is used inside the loop. This can quickly overflow stack. evas_font_dir.c 129
/* Excerpt flagged by V505; "...." marks code the page leaves out.
 * Splits `name` at ',' characters and appends each piece to `fonts` as a
 * shared string. `p` is set up in the elided code; presumably it points at the
 * first ',' in `name` (verify against the full source). */
static Eina_List *
evas_font_set_get(const char *name)
{
....
const char *pp;
char *nm;
pp = name;
while (p)
{
/* Stack buffer for the current piece plus its terminating NUL. One block is
 * allocated per ',' found and none is released until the function returns,
 * so total stack use grows with the length of `name` and the number of
 * separators in it.
 * NOTE(review): the origin of `name` is not visible here. If it can be
 * supplied from outside the program, its length should be bounded before
 * this loop. Alternatively, the temporary copy could be avoided altogether
 * with a length-taking call such as eina_stringshare_add_length(). */
nm = alloca(p - pp + 1);
/* Copies exactly p - pp characters; the next line adds the terminator. */
strncpy(nm, pp, p - pp);
nm[p - pp] = 0;
fonts = eina_list_append(fonts, eina_stringshare_add(nm));
/* Advance past the separator and look for the next one. */
pp = p + 1;
p = strchr(pp, ',');
/* No further ',': the remainder of the string is the last piece and is
 * added directly, without a stack copy. */
if (!p) fonts = eina_list_append(fonts,
eina_stringshare_add(pp));
}
....
}
Similar errors can be found in some other places: