off by one bounds
Ted Unangst
tedu at coverity.com
Fri Aug 20 12:41:43 PDT 2004
errors in freebsd 4.10 found by Coverity's analysis.
awi_wep.c:awi_wep_setalgo, algo == sizeof
svr4_signal.c:SVR4_NSIG one larger than TBLSIZ
linprocfs_misc.c:linprocfs_doprocstatus, p_stat == sizeof
ibcs2_msg.c:ibcs2_poll, fd == FD_SETSIZE
if_ray.c:ray_rx_mgt_info, len == NWID_LEN
ciss.c:ciss_cam_action_io, target == CISS_MAX_LOGICAL
in6.c:in6_are_prefix_equal len == 128
in6.c:in6_prefixlen2mask, len == 128
ip_icmp.c:ip_next_mtu, i == sizeof, dir >= 0
More information about the freebsd-hackers
mailing list