Примеры ошибок, обнаруженных с помощью диагностики V666

V666. Value may not correspond with the length of a string passed with YY argument. Consider inspecting the NNth argument of the 'Foo' function.

Trans-Proteomic Pipeline

V666 Consider inspecting third argument of the function 'strncmp'. It is possible that the value does not correspond with the length of a string which was passed with the second argument. interprophetmain.cxx 151


int main(int argc, char** argv) {
  ....
  if (strcmp(argv[argidx], "NONSS") &&
      ....
      strncmp(argv[argidx], "CAT=", 4) &&
      strncmp(argv[argidx], "DECOY=", 6) &&
      strncmp(argv[argidx], "THREADS=", 6) &&
      strncmp(argv[argidx], "MINPROB=", 8)) {
  ....
}

Geant4 software

V666 Consider inspecting second argument of the function 'write'. It is possible that the value does not correspond with the length of a string which was passed with the first argument. _G4GMocren-archive g4gmocrenio.cc 1351


bool G4GMocrenIO::storeData2() {
  ....
  // file identifier
  ofile.write("GRAPE    ", 8);
  ....
}

Source Engine SDK


void CMultiplayRules::DeathNotice( .... )
{
  ....
  else if ( strncmp( killer_weapon_name, "NPC_", 8 ) == 0 )
  ....
}

Scilab


void CreCommon(f,var)
     FILE *f;
     VARPTR var;
{
  ....
  if ( strncmp(var->fexternal,"cintf",4)==0 )
  ....
}

Similar errors can be found in some other places:

V666 Consider inspecting third argument of the function 'strncmp'. It is possible that the value does not correspond with the length of a string which was passed with the second argument. crerhs.c 121
V666 Consider inspecting third argument of the function 'strncmp'. It is possible that the value does not correspond with the length of a string which was passed with the second argument. crerhs.c 123
V666 Consider inspecting third argument of the function 'strncmp'. It is possible that the value does not correspond with the length of a string which was passed with the second argument. crerhs.c 125
And 1 additional diagnostic messages.

OpenSSL


static int asn1_cb(const char *elem, int len, void *bitstr)
{
  ....
  if (!strncmp(vstart, "ASCII", 5))
    arg->format = ASN1_GEN_FORMAT_ASCII;
  else if (!strncmp(vstart, "UTF8", 4))
    arg->format = ASN1_GEN_FORMAT_UTF8;
  else if (!strncmp(vstart, "HEX", 3))
    arg->format = ASN1_GEN_FORMAT_HEX;
  else if (!strncmp(vstart, "BITLIST", 3))
    arg->format = ASN1_GEN_FORMAT_BITLIST;
  else
  ....
}

OpenSSL

V666 Consider inspecting third argument of the function 'BIO_write'. It is possible that the value does not correspond with the length of a string which was passed with the second argument. asn1_par.c 378


BIO_write(bp,"Error in encoding\n",18)
BIO_write(bp,"\n",1)
BIO_write(bp,":",1)
BIO_write(bp,":BAD OBJECT",11)
BIO_write(bp,"Bad boolean\n",12)

static int asn1_parse2(....)
{
  ....
  if (BIO_write(bp,"BAD ENUMERATED",11) <= 0)
    goto end;
  ....
}

OpenSSL

V666 Consider inspecting third argument of the function 'strncmp'. It is possible that the value does not correspond with the length of a string which was passed with the first argument. s_server.c 2703


static int www_body(....)
{
  ....
  if ( ((www == 1) && (strncmp("GET ",buf,4) == 0)) ||
       ((www == 2) && (strncmp("GET /stats ",buf,10) == 0)))
  ....
}

ITK


bool MetaScene::
Read(const char *_headerName)
{
  ....
  else if(!strncmp(objectType.c_str(),"Image",5) ||
  ....
  else if(!strncmp(objectType.c_str(),"Blob",4) ||
  ....
  else if(!strncmp(objectType.c_str(),"Landmark",8) ||
  ....
  else if(!strncmp(objectType.c_str(),"Surface",5) ||
  ....
}

Spring Engine

V666 Consider inspecting third argument of the function 'TokenMatch'. It is possible that the value does not correspond with the length of a string which was passed with the second argument. assimp plyparser.cpp 185


PLY::ESemantic PLY::Property::ParseSemantic(....)
{
  ....
  else if (TokenMatch(pCur,"specular_alpha",14))
  {
    eOut = PLY::EST_SpecularAlpha;
  }
  else if (TokenMatch(pCur,"opacity",7))
  {
    eOut = PLY::EST_Opacity;
  }
  else if (TokenMatch(pCur,"specular_power",6))
  {
    eOut = PLY::EST_PhongPower;
  }
  ....
}

LibreOffice

V666 Consider inspecting third argument of the function 'rsc_strnicmp'. It is possible that the value does not correspond with the length of a string which was passed with the second argument. start.cxx 179


static bool CallRsc2(....)
{
  ....
  if( !rsc_strnicmp( ....,  "-fp=", 4 ) ||
      !rsc_strnicmp( ...., "-fo=", 4 ) ||
      !rsc_strnicmp( ...., "-presponse", 9 ) ||   // <=
      !rsc_strnicmp( ...., "-rc", 3 ) ||
      !rsc_stricmp( ...., "-+" ) ||
      !rsc_stricmp( ...., "-br" ) ||
      !rsc_stricmp( ...., "-bz" ) ||
      !rsc_stricmp( ...., "-r" ) ||
      ( '-' != *.... ) )
  ....
}

OpenJDK


static bool
parse_bool (const char **pp, const char *end, unsigned int *pv)
{
  ....

  /* CSS allows on/off as aliases 1/0. */
  if (*pp - p == 2 || 0 == strncmp (p, "on", 2))
    *pv = 1;
  else if (*pp - p == 3 || 0 == strncmp (p, "off", 2))
    *pv = 0;
  else
    return false;

  return true;
}

Inkscape


static Inkscape::Filters::FilterBlendMode
 sp_feBlend_readmode(....) {
  ....
  switch (value[0]) {
    case 'n':
      if (strncmp(value, "normal", 6) == 0)
        return Inkscape::Filters::BLEND_NORMAL;
      break;
    case 'm':
      ....
    case 's':
      if (strncmp(value, "screen", 6) == 0)
          return Inkscape::Filters::BLEND_SCREEN;
      if (strncmp(value, "saturation", 6) == 0) // <=
          return Inkscape::Filters::BLEND_SATURATION;
      break;
    case 'd':
      ....
    case 'o':
      if (strncmp(value, "overlay", 7) == 0)
          return Inkscape::Filters::BLEND_OVERLAY;
      break;
    case 'c':
      ....
    case 'h':
      if (strncmp(value, "hard-light", 7) == 0) // <=
          return Inkscape::Filters::BLEND_HARDLIGHT;
      ....
      break;
    ....
  }
}

Linux Kernel


static ssize_t write_file_spec_scan_ctl(struct file *file,
          const char __user *user_buf,
          size_t count, loff_t *ppos)
{
  struct ath10k *ar = file->private_data;
  char buf[32];
  ssize_t len;
  int res;

  len = min(count, sizeof(buf) - 1);
  if (copy_from_user(buf, user_buf, len))
    return -EFAULT;

  buf[len] = '\0';

  mutex_lock(&ar->conf_mutex);

  if (strncmp("trigger", buf, 7) == 0) {
    ....
  } else if (strncmp("background", buf, 9) == 0) {
    res = ath10k_spectral_scan_config(ar, SPECTRAL_BACKGROUND);
  } else if (strncmp("manual", buf, 6) == 0) {
    res = ath10k_spectral_scan_config(ar, SPECTRAL_MANUAL);
  } else if (strncmp("disable", buf, 7) == 0) {
    res = ath10k_spectral_scan_config(ar, SPECTRAL_DISABLED);
  } else {
    res = -EINVAL;
  }

  mutex_unlock(&ar->conf_mutex);

  if (res < 0)
    return res;

  return count;
}

Linux Kernel

V666 Consider inspecting third argument of the function 'memcpy'. It is possible that the value does not correspond with the length of a string which was passed with the second argument. dpt_i2o.c 403


static void adpt_inquiry(adpt_hba* pHba)
{
  ....
  memset(pHba->detail, 0, sizeof(pHba->detail));
  memcpy(&(pHba->detail), "Vendor: Adaptec ", 16);
  memcpy(&(pHba->detail[16]), " Model: ", 8);
  memcpy(&(pHba->detail[24]), (u8*) &buf[16], 16);
  memcpy(&(pHba->detail[40]), " FW: ", 4);              // <=
  memcpy(&(pHba->detail[44]), (u8*) &buf[32], 4);
  pHba->detail[48] = '\0';  /* precautionary */
  ....
}

FreeBSD Kernel


int
ipf_p_irc_complete(ircp, buf, len)
  ircinfo_t *ircp;
  char *buf;
  size_t len;
{
  ....
  if (strncmp(s, "PRIVMSG ", 8))
    return 0;
  ....
  if (strncmp(s, "\001DCC ", 4))  // <=
    return 0;
  ....
}

Bind

V666 Consider inspecting third argument of the function 'strncasecmp'. It is possible that the value does not correspond with the length of a string which was passed with the second argument. nslookup.c 723


static void
setoption(char *opt) {
  ....
  } else if (strncasecmp(opt, "deb", 3) == 0) {
    short_form = ISC_FALSE;
    showsearch = ISC_TRUE;
  } else if (strncasecmp(opt, "nodeb", 5) == 0) {
    short_form = ISC_TRUE;
    showsearch = ISC_FALSE;
  } else if (strncasecmp(opt, "d2", 2) == 0) {
    debugging = ISC_TRUE;
  } else if (strncasecmp(opt, "nod2", 4) == 0) {
    debugging = ISC_FALSE;
  } else if (strncasecmp(opt, "search", 3) == 0) {    // <=
    usesearch = ISC_TRUE;
  } else if (strncasecmp(opt, "nosearch", 5) == 0) {  // <=
    usesearch = ISC_FALSE;
  } else if (strncasecmp(opt, "sil", 3) == 0) {
    /* deprecation_msg = ISC_FALSE; */
  } else if (strncasecmp(opt, "fail", 3) == 0) {      // <=
    nofail=ISC_FALSE;
  } else if (strncasecmp(opt, "nofail", 3) == 0) {    // <=
    nofail=ISC_TRUE;
  } else if (strncasecmp(opt, "ndots=", 6) == 0) {
    set_ndots(&opt[6]);
  } else {
    printf("*** Invalid option: %s\n", opt);
  }
}

Similar errors can be found in some other places:

V666 Consider inspecting third argument of the function 'strncasecmp'. It is possible that the value does not correspond with the length of a string which was passed with the second argument. nslookup.c 725
V666 Consider inspecting third argument of the function 'strncasecmp'. It is possible that the value does not correspond with the length of a string which was passed with the second argument. nslookup.c 729
V666 Consider inspecting third argument of the function 'strncasecmp'. It is possible that the value does not correspond with the length of a string which was passed with the second argument. nslookup.c 731

Bind


int
main(int argc, char *argv[]) {
  ....
        if (strncmp(text, "CLASS", 4) != 0)
          fprintf(stdout, "%s\n", text);
  ....
}

Enlightenment


static void
_e_info_client_proc_slot_set(int argc, char **argv)
{
  ....
  if (!strncmp(argv[2], "start", strlen("start")))
    mode = E_INFO_CMD_MESSAGE_START;
  if (!strncmp(argv[2], "list", strlen("list")))
    mode = E_INFO_CMD_MESSAGE_LIST;
  if (!strncmp(argv[2], "create", strlen("add")))          // <=
    mode = E_INFO_CMD_MESSAGE_CREATE;
  if (!strncmp(argv[2], "modify", strlen("modify")))
    mode = E_INFO_CMD_MESSAGE_MODIFY;
  if (!strncmp(argv[2], "del", strlen("del")))
    mode = E_INFO_CMD_MESSAGE_DEL;
  ....
}

Enlightenment


int
main(int argc, char **argv)
{
  ....
  if ((!strncmp(environ[i], "LD_", 3)) ||
      (!strncmp(environ[i], "_RLD_", 5)) ||
      (!strncmp(environ[i], "LC_", 3)) ||
      (!strncmp(environ[i], "LDR_", 3)))         // <=
  ....
}

CARLA


 virtual void visit(ir_variable *var)
  {
    ....
    const bool bBuiltinVariable = (var->name &&
                                   strncmp(var->name, "gl_", 3) == 0);

    if (bBuiltinVariable && ShaderTarget == vertex_shader &&
                            strncmp(var->name, "gl_InstanceID", 13) == 0)
    {
      bUsesInstanceID = true;
    }

    if (bBuiltinVariable &&
      var->centroid == 0 && (var->interpolation == 0 ||
                             strncmp(var->name, "gl_Layer", 3) == 0) &&
      var->invariant == 0 && var->origin_upper_left == 0 &&
      var->pixel_center_integer == 0)
    {
      // Don't emit builtin GL variable declarations.
      needs_semicolon = false;
    }
    else if (scope_depth == 0 && var->mode == ir_var_temporary)
    {
      global_instructions.push_tail(new(mem_ctx) global_ir(var));
      needs_semicolon = false;
    }
    else {....}
    ....
}

Заполните форму в два простых шага ниже:

Ваши контактные данные:

Тип желаемой лицензии:

Примеры ошибок, обнаруженных с помощью диагностики V666

Trans-Proteomic Pipeline

Geant4 software

Source Engine SDK

Scilab

OpenSSL

OpenSSL

OpenSSL

ITK

Spring Engine

LibreOffice

OpenJDK

Inkscape

Linux Kernel

Linux Kernel

FreeBSD Kernel

Bind

Bind

Enlightenment

Enlightenment

CARLA

Хотите получить бесплатную лицензию?