V505. The 'alloca' function is used inside the loop. This can quickly overflow stack.


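The analyzer detected a use of the alloca function inside a loop. Memory obtained from alloca is taken from the stack and is released only when the calling function returns, not at the end of each iteration, so calling it repeatedly in a loop body might unexpectedly cause a stack overflow.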

Here is an example of dangerous code:

for (size_t i = 0; i < n; ++i)
  if (wcscmp(strings[i], A2W(pszSrc[i])) == 0)
  { 
    ...
  }

The _alloca function is used inside the A2W macro. Whether this code causes an error depends on the length of the processed strings, their number, and the size of the available stack.
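
The following is an added example, not code from the PVS-Studio documentation: it writes the same pattern out in plain C without ATL, next to a rewrite whose stack use does not grow with the number of strings. The helper widen (a stand-in for the conversion A2W performs), the two function names and the sample arrays are assumptions made for illustration; <alloca.h> assumes glibc or BSD.

```c
#include <alloca.h>   /* glibc/BSD; MSVC declares _alloca in <malloc.h> */
#include <stdlib.h>
#include <string.h>
#include <wchar.h>

static const wchar_t *WIDE[] = { L"alpha", L"beta", L"gamma" };  /* constructed sample */
static const char *NARROW[] = { "alpha", "BETA", "gamma" };      /* constructed sample */

/* Hypothetical stand-in for A2W's conversion: widen ASCII, terminator included. */
static void widen(wchar_t *dst, const char *src, size_t len) {
    for (size_t k = 0; k <= len; ++k)
        dst[k] = (wchar_t)(unsigned char)src[k];
}

/* Flagged pattern: each iteration takes a new stack block and none of them
   is released until the function returns, so stack use grows with n. */
size_t count_matches_alloca(const wchar_t **strings, const char **src, size_t n) {
    size_t hits = 0;
    for (size_t i = 0; i < n; ++i) {
        size_t len = strlen(src[i]);
        wchar_t *tmp = alloca((len + 1) * sizeof *tmp);   /* V505 fires here */
        widen(tmp, src[i], len);
        hits += (wcscmp(strings[i], tmp) == 0);
    }
    return hits;
}

/* Rewrite: one heap buffer, grown on demand and reused across iterations.
   Returns (size_t)-1 if the allocation fails. */
size_t count_matches_heap(const wchar_t **strings, const char **src, size_t n) {
    size_t hits = 0, cap = 0;
    wchar_t *buf = NULL;
    for (size_t i = 0; i < n; ++i) {
        size_t len = strlen(src[i]);
        if (len + 1 > cap) {
            wchar_t *p = realloc(buf, (len + 1) * sizeof *p);
            if (p == NULL) { free(buf); return (size_t)-1; }
            buf = p;
            cap = len + 1;
        }
        widen(buf, src[i], len);
        hits += (wcscmp(strings[i], buf) == 0);
    }
    free(buf);
    return hits;
}

int main(void) {
    return count_matches_alloca(WIDE, NARROW, 3) != count_matches_heap(WIDE, NARROW, 3);
}
```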

According to Common Weakness Enumeration, potential errors found by using this diagnostic are classified as CWE-770.

You can look at examples of errors detected by the V505 diagnostic.

