touch-packages team mailing list archive

Thread
Date

[Bug 937579] Re: Coverity SECURE_CODING - CID 10657

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Marco Trevisan (Treviño) <mail@xxxxxxxxx>
Date: Thu, 10 Sep 2015 01:19:33 -0000
Reply-to: Bug 937579 <937579@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: nux (Ubuntu)
       Status: New => Fix Released

** Changed in: nux (Ubuntu)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nux in Ubuntu.
https://bugs.launchpad.net/bugs/937579

Title:
  Coverity SECURE_CODING - CID 10657

Status in Nux:
  Fix Released
Status in Nux 4.0 series:
  Fix Released
Status in nux package in Ubuntu:
  Fix Released

Bug description:
  This bug is exported from the Coverity Integration Manager on Canonical's servers. For information on how this is done please see this website: https://wiki.ubuntu.com/CanonicalProductStrategy/Coverity
  CID: 10657
  Checker: SECURE_CODING
  Category: No category available
  CWE definition: http://cwe.mitre.org/data/definitions/676.html
  File: /tmp/buildd/nux-2.4.0/NuxCore/TinyXML/tinyxml.cpp
  Function: TiXmlAttribute::QueryIntValue(int *) const
  Code snippet:
  1389 
  1390 
  1391 int TiXmlAttribute::QueryIntValue ( int *ival ) const
  1392 {
  CID 10657 - SECURE_CODING
  [VERY RISKY]. Using "sscanf" can cause a buffer overflow when done incorrectly.  sscanf() assumes an arbitrarily large string, so callers must use correct precision specifiers or never use sscanf(). Use correct precision specifiers or do your own parsing.
  1393   if ( TIXML_SSCANF ( value.c_str(), "%d", ival ) == 1 )
  1394     return TIXML_SUCCESS;
  1395 
  1396   return TIXML_WRONG_TYPE;
  1397 }
  1398

To manage notifications about this bug go to:
https://bugs.launchpad.net/nux/+bug/937579/+subscriptions