Hello.
Here are the security issues VS2K8 found with the code, using its code
analysis module. It might be a good exercise to either fix these bugs or
explain why they're not a vulnerability in shttpd!
Running Code Analysis for C/C++...
\shttpd-1.38\src\shttpd.cpp(426) : warning C6262: Function uses '33864'
bytes of stack: exceeds /analyze:stacksize'16384'. Consider moving some data
to heap
\shttpd-1.38\src\shttpd.cpp(600) : warning C6011: Dereferencing NULL pointer
'c->headers': Lines: 571, 572, 573, 575, 576, 578, 581, 583, 584, 590, 593,
594, 597, 598, 599, 600
\shttpd-1.38\src\shttpd.cpp(602) : warning C6011: Dereferencing NULL pointer
'c->headers++': Lines: 571, 572, 573, 575, 576, 578, 581, 583, 584, 590,
593, 594, 597, 598, 599, 600, 602
\shttpd-1.38\src\mime_type.cpp(95) : warning C6054: String 'mime' might not
be zero-terminated: Lines: 83, 84, 86, 90, 92, 94, 95
\shttpd-1.38\src\mime_type.cpp(90) : warning C6387: 'argument 3' might be
'0': this does not adhere to the specification for the function 'fgets':
Lines: 83, 84, 86, 87, 90
\shttpd-1.38\src\mime_type.cpp(103) : warning C6387: 'argument 1' might be
'0': this does not adhere to the specification for the function 'fclose':
Lines: 83, 84, 86, 87, 90, 103
\shttpd-1.38\src\log.cpp(17) : warning C6262: Function uses '32856' bytes of
stack: exceeds /analyze:stacksize'16384'. Consider moving some data to heap
\shttpd-1.38\src\log.cpp(65) : warning C6262: Function uses '32860' bytes of
stack: exceeds /analyze:stacksize'16384'. Consider moving some data to heap
t\shttpd-1.38\src\io_dir.cpp(30) : warning C6386: Buffer overrun: accessing
'buf', the writable size is '260' bytes, but '261' bytes might be written:
Lines: 21, 22, 23, 24, 26, 27, 28, 29, 30
\shttpd-1.38\src\config.cpp(59) : warning C6387: 'argument 1' might be '0':
this does not adhere to the specification for the function 'GetProcAddress':
Lines: 48, 49, 50, 52, 55, 56, 58, 59
\shttpd-1.38\src\auth.cpp(364) : warning C6385: Invalid data: accessing
'argument 2', the readable size is '512' bytes, but '1787' bytes might be
read: Lines: 331, 332, 333, 334, 336, 339, 340, 343, 345, 348, 349, 352,
353, 354, 356, 357, 358, 360, 364
\shttpd-1.38\src\auth.cpp(370) : warning C6387: 'argument 1' might be '0':
this does not adhere to the specification for the function 'fprintf': Lines:
331, 332, 333, 334, 336, 339, 340, 343, 345, 346, 348, 349, 352, 353, 354,
356, 357, 358, 360, 364, 370
\shttpd-1.38\src\auth.cpp(352) : warning C6387: 'argument 3' might be '0':
this does not adhere to the specification for the function 'fgets': Lines:
331, 332, 333, 334, 336, 339, 340, 343, 344, 348, 349, 352
All the best,
Yossi.
--
Yossi Oren
[EMAIL PROTECTED]
_______________________________________________
shttpd-general mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shttpd-general