V505. The 'alloca' function is used inside the loop. This can quickly overflow stack.

The analyzer detected a use of the alloca function inside a loop. Since the alloca function uses stack memory, its repeated call in the loop body might unexpectedly cause a stack overflow.

Here is an example of dangerous code:

for (size_t i = 0; i < n; ++i)
  if (wcscmp(strings[i], A2W(pszSrc[i])) == 0)
  { 
    ...
  }

The _alloca function is used inside the A2W macro. Whether this code will cause an error or not depends upon the length of the processed strings, their number and size of the available stack.

According to Common Weakness Enumeration, potential errors found by using this diagnostic are classified as CWE-770.

You can look at examples of errors detected by the V505 diagnostic.

This website uses cookies and other technology to provide you a more personalized experience. By continuing the view of our web-pages you accept the terms of using these files. If you don't want your personal data to be processed, please, leave this site. Learn More →

V505. The 'alloca' function is used inside the loop. This can quickly overflow stack.

Bugs Found

Checked Projects

Collected Errors

Recent Posts

Checking QEMU using PVS-Studio

PVS-Studio code analyzer as a tool for finding security defects and providing application security. Report by Forrester Research on SAST, Q3 2020

Checking the Code of XMage, and Why You Won't Be Able to Get the Special Rare Cards of the Dragon's Maze Collection

PVS-Studio 7.09

Static code analysis of the PMDK library collection by Intel and errors that are not actual errors

Do you make errors in the code?

Follow us

PVS-Studio

Buy

Achievements

Interesting

Company

PVS-Studio

Buy

Achievements

Interesting

Company