libssh2 1.8.0 Code Analysis results.

Tue, 29 Nov 2016 18:42:07 -0800

The following are the code analysis results compiling using Visual Studio 2015 with wincng. Note in particular the two possible stack-based buffer overruns. 

Running Code Analysis for C/C++...
  Generating Code...

     Creating library .\libssh2-2.1.8.0\win32\v140\Win32\WinCNG DLL 
Debug\libssh2.lib and object .\libssh2-2.1.8.0\win32\v140\Win32\WinCNG 
DLL Debug\libssh2.exp
  libssh2.vcxproj -> .\libssh2-2.1.8.0\win32\v140\Win32\WinCNG DLL 
Debug\libssh2.dll
  libssh2.vcxproj -> .\libssh2-2.1.8.0\win32\v140\Win32\WinCNG DLL 
Debug\libssh2.pdb (Full PDB)
.\libssh2-2.1.8.0\src\kex.c(270): warning C6031: Return value ignored: 
'snprintf'.
.\libssh2-2.1.8.0\src\kex.c(299): warning C6031: Return value ignored: 
'snprintf'.
.\libssh2-2.1.8.0\src\kex.c(894): warning C6031: Return value ignored: 
'snprintf'.
.\libssh2-2.1.8.0\src\kex.c(923): warning C6031: Return value ignored: 
'snprintf'.
.\libssh2-2.1.8.0\src\knownhost.c(1088): warning C6031: Return value 
ignored: 'snprintf'.
.\libssh2-2.1.8.0\src\knownhost.c(1091): warning C6031: Return value 
ignored: 'snprintf'.
.\libssh2-2.1.8.0\src\knownhost.c(1094): warning C6031: Return value 
ignored: 'snprintf'.
.\libssh2-2.1.8.0\src\knownhost.c(1097): warning C6031: Return value 
ignored: 'snprintf'.
.\libssh2-2.1.8.0\src\knownhost.c(1110): warning C6031: Return value 
ignored: 'snprintf'.
.\libssh2-2.1.8.0\src\knownhost.c(1113): warning C6031: Return value 
ignored: 'snprintf'.
.\libssh2-2.1.8.0\src\knownhost.c(1116): warning C6031: Return value 
ignored: 'snprintf'.
.\libssh2-2.1.8.0\src\knownhost.c(1119): warning C6031: Return value 
ignored: 'snprintf'.
.\libssh2-2.1.8.0\src\misc.c(362): warning C6031: Return value ignored: 
'snprintf'.
.\libssh2-2.1.8.0\src\misc.c(367): warning C6031: Return value ignored: 
'snprintf'.
.\libssh2-2.1.8.0\src\misc.c(373): warning C6031: Return value ignored: 
'snprintf'.
.\libssh2-2.1.8.0\src\misc.c(466): warning C6386: Buffer overrun while 
writing to 'buffer+msglen':  the writable size is '1536' bytes, but 
'1537' bytes might be written.
.\libssh2-2.1.8.0\src\scp.c(297): warning C6031: Return value ignored: 
'snprintf'.
.\libssh2-2.1.8.0\src\scp.c(839): warning C6031: Return value ignored: 
'snprintf'.
.\libssh2-2.1.8.0\src\transport.c(90): warning C6386: Buffer overrun 
while writing to 'buffer':  the writable size is '256' bytes, but 
'used++' bytes might be written.

_______________________________________________
libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel























					Reply via email to