Bug 217738 - sbin/ipfw/nat64lsn.c: PVS-Studio: CWE-467: Use of sizeof() on a Pointer Type
Summary: sbin/ipfw/nat64lsn.c: PVS-Studio: CWE-467: Use of sizeof() on a Pointer Type
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Many People
Assignee: freebsd-ipfw mailing list
URL:
Keywords: patch
Depends on:
Blocks:
 
Reported: 2017-03-13 11:32 UTC by Svyatoslav
Modified: 2017-03-13 17:54 UTC (History)
1 user (show)

See Also:


Attachments
git patch (469 bytes, patch)
2017-03-13 11:32 UTC, Svyatoslav
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Svyatoslav 2017-03-13 11:32:04 UTC
Created attachment 180763 [details]
git patch

We have found and fixed a vulnerability using PVS-Studio tool. PVS-Studio is a static code analyzer for C, C++ and C#: https://www.viva64.com/en/pvs-studio/

Analyzer warning: V512 A call of the 'memset' function will lead to underflow of the buffer 'plog'. nat64lsn.c 218
Comment 1 commit-hook freebsd_committer 2017-03-13 17:54:06 UTC
A commit references this bug:

Author: cem
Date: Mon Mar 13 17:53:46 UTC 2017
New revision: 315204
URL: https://svnweb.freebsd.org/changeset/base/315204

Log:
  nat64lsn: Use memset() with structure, not pointer, size

  PR:		217738
  Submitted by:	Svyatoslav <razmyslov at viva64.com>
  Sponsored by:	Viva64 (PVS-Studio)

Changes:
  head/sys/netpfil/ipfw/nat64/nat64lsn.c