[Debburn-devel] cdrkit-1.1.11 bug report
David Binderman
dcb314 at hotmail.com
Thu May 9 08:33:19 UTC 2013
Hello there,
I just ran the static analyser "cppcheck" over the source code of
cdrkit-1.1.11. It said
[cdrkit-1.1.11/libedc/edc_ecc.c:360]: (error) Buffer is accessed out of bounds: inout
Source code is
static int encode_L1_P(unsigned char inout[L1_RAW + L1_Q + L1_P])
{
unsigned char *P;
int i;
P = inout + L1_RAW + L1_Q;
memset(P, 0, L1_P);
for (i = 0; i < L2_RAW + L2_Q + L2_P; i++) {
unsigned char data;
data = inout[i];
L2_RAW + L2_Q + L2_P is a lot more than L1_RAW + L1_Q + L1+P.
This looks to me like a mixup between L1_* and L2_*. I am not sure
which set of three macros is the correct set for inout. Suggest
code rework.
Regards
David Binderman
More information about the Debburn-devel
mailing list