[Cs-dev] Code in dssi4cs.c
| Date | 2014-01-27 11:17 |
| From | john ffitch |
| Subject | [Cs-dev] Code in dssi4cs.c |
Coverity has uncovered a number of problems with the code, some of
which I have fixed. But this one worries me.
In dssilist (line ~1035) we see
pcLADSPAPath = getenv("LADSPA_PATH");
pcDSSIPath = getenv("DSSI_PATH");
so the strings associated with these variables is allocated somewhere
not here and I assume of minimal length. On lin ~1048 we read
pcLADSPAPath = strcat((char *) pcLADSPAPath, ":");
pcLADSPAPath = strcat((char *) pcLADSPAPath, pcDSSIPath);
How can one be sure there is enough space? Surely one needs something
like malloc(strlen(pcLADSPAPath)+strlen(pcDSSIPath)+2) to be allocated
and then strcpy/strcat/strcat ? Or am I totally misunderstanding the
code?
Slight;y different, Coverity says thattdssiinit can leak memory from
variable PluginLibrary. This needs a review by someone who
understands the code
==John ffitch
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Csound-devel mailing list
Csound-devel@lists.sourceforge.net |
| Date | 2014-01-27 12:44 |
| From | Michael Gogins |
| Subject | Re: [Cs-dev] Code in dssi4cs.c |
| Attachments | None None |
Yes, the strcats are obvious problems. Best, Mike -----------------------------------------------------
Michael GoginsIrreducible Productions http://michaelgogins.tumblr.com Michael dot Gogins at gmail dot com On Mon, Jan 27, 2014 at 6:17 AM, john ffitch <jpff@codemist.co.uk> wrote: Coverity has uncovered a number of problems with the code, some of |