Buffer overflow error

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • nikileshsa
    New Member
    • Dec 2008
    • 1
    #1

    Buffer overflow error

    I hv given below the code snippet
    my static analyser tool gives an error message
    "Buffer overflow, array index of 'old_name' may be outside the bounds. Array 'old_name' of size 64 declared at line 677 may use index values 0..83 "

    class file1
    {
    publlic:
    boolean open(const char* name);
    private:
    FILE *fh;
    }

    Boolean file1::open(con st char* name)
    {
    if((fh = fopen(name, "r+")) != 0)
    {
    // do something here
    return TRUE;
    }
    return FALSE;
    }

    main()
    {
    char old_name[64];
    file1 w ;
    if( w.open(old_name ) )
    {
    do something here
    }

    Any insight on this would be appreciated
    Thanks in advance
    Tags: None
    • JosAH
      Recognized Expert MVP
      • Mar 2007
      • 11453
      #2
      There is no valid file name stored in array old_name.

      kind regards,

      Jos

        Comment

        • Banfa
          Recognized Expert Expert
          • Feb 2006
          • 9067
          #3
          Also main should return int (although that wont be creating this error)

            Comment

            • whodgson
              Contributor
              • Jan 2007
              • 542
              #4
              I think you need a ; after the closing class bracket

                Comment

                • Ganon11
                  Recognized Expert Specialist
                  • Oct 2006
                  • 3651
                  #5
                  whodgson, Banfa, and JosAH are all correct. You can't try to open that garbage - you have no idea what bogus values are in the memory location until you set it yourself. Better get a filename in there, or at least make sure it's null-terminated by the 64th character.

                    Comment

                    Previous template Next
                    Working...