Hi,

I'm a developer of a static analysis tool, canalyze. Recently I applied it to make-3.82. It seems some reports are real after manual checking:

1. Null Dereference
   file: hash.c
   function: hash_rehash
   At line 262:
       ht->ht_vec = (void **) CALLOC (struct token *, ht->ht_size);
   Should we check that ht->ht_vec is not null (allocation failing) before we use it?

2. Out of bound
   file: function.c
   function: func_sort
   At line 1150:
       words = xmalloc (wordi * sizeof (char *));
   The value of wordi may be 1.
   At line 1171:
       if (i == wordi - 1 || strlen (words[i + 1]) != len
   words[i + 1] may cause overflow.

Hope for your replies!

Regards,
--
Zhenbo Xu
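For triaging report 2, the following added example (not code from make or from the report's author) records the highest `words[]` index read when `wordi` is 1, once with the operand order quoted at line 1171 and once with the operands swapped. Assumptions: the loop visits `i` in `[0, wordi)`, the `strcmp` clause stands in for the part of the condition the report does not quote, and `highest_index_read`, `word_at` and the spare sentinel slot are hypothetical helpers.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static size_t max_read;               /* highest words[] index read so far */

static const char *word_at(const char **words, size_t i)
{
    if (i > max_read) max_read = i;
    return words[i];
}

/* Runs the loop over wordi words; returns the highest index read.
   guard_first=1: operand order as quoted in the report.
   guard_first=0: operands swapped (hypothetical variant, for contrast).
   Assumed: i runs over [0, wordi); strcmp fills the unquoted clause. */
size_t highest_index_read(const char *const *src, size_t wordi, int guard_first, size_t *emitted)
{
    /* Spare slot with an empty sentinel keeps the swapped variant's read
       of words[wordi] inside this example's own buffer. */
    const char **words = malloc((wordi + 1) * sizeof *words);
    if (words == NULL) abort();
    memcpy(words, src, wordi * sizeof *words);
    words[wordi] = "";
    max_read = 0;
    *emitted = 0;
    for (size_t i = 0; i < wordi; ++i) {
        size_t len = strlen(word_at(words, i));
        int differs;
        if (guard_first)
            differs = i == wordi - 1 || strlen(word_at(words, i + 1)) != len
                      || strcmp(words[i], words[i + 1]) != 0;
        else
            differs = strlen(word_at(words, i + 1)) != len || i == wordi - 1
                      || strcmp(words[i], words[i + 1]) != 0;
        *emitted += (size_t)differs;
    }
    free(words);
    return max_read;
}

int main(void)
{
    const char *one[] = { "a" };      /* constructed input, wordi == 1 */
    size_t n;
    printf("guard first: max index %zu\n", highest_index_read(one, 1, 1, &n));
    printf("guard last:  max index %zu\n", highest_index_read(one, 1, 0, &n));
    return 0;
}
```

An index equal to `wordi` in the result means the condition read one element past a buffer sized `wordi * sizeof (char *)`.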