Hi guys,
A Veracode scan reports a lot of potential buffer overflow flaws found during a static code scan; see the attached screenshot. I want to ask whether the wxWidgets team will fix those issues or not.
For example, Veracode reports that buffer.h has a potential overflow:
wxbase311ud_net_vc_custom.dll source/.../include/wx/buffer.h 599 10/9/19
Looking into the source code, wxWidgets uses memcpy, which Veracode considers unsafe:
void AppendData(const void *data, size_t len)
{
    // GetAppendBuf(len) grows the buffer so that len bytes fit at the end and
    // returns the write position; UngetAppendBuf(len) then commits the bytes.
    memcpy(GetAppendBuf(len), data, len);
    UngetAppendBuf(len);
}
Thanks in advance
There are a lot of potential buffer overflows found during static scan
Attachment: static_scan.png (scan result)
Re: There are a lot of potential buffer overflows found during static scan
This is a user forum. Please post again on the wx-users Google group where you can reach the actual wx developers.
https://groups.google.com/forum/#!topic/wx-users/
Use the source, Luke!
Re: There are a lot of potential buffer overflows found during static scan
Hi,
Or better yet, create a ticket on trac.wxwidgets.org and see what the core devs will say.
BTW, what software did you analyze?
Thank you.
Re: There are a lot of potential buffer overflows found during static scan
Thanks, I have posted the question to the wx-users Google group :)
Re: There are a lot of potential buffer overflows found during static scan
yitiger wrote: ↑Tue Nov 19, 2019 7:01 am
> Hi guys,
> A Veracode scan reports a lot of potential buffer overflow flaws found during a static code scan; see the attached screenshot. I want to ask whether the wxWidgets team will fix those issues or not.
> For example, Veracode reports that buffer.h has a potential overflow:
> wxbase311ud_net_vc_custom.dll source/.../include/wx/buffer.h 599 10/9/19
> Looking into the source code, wxWidgets uses memcpy, which Veracode considers unsafe:
> void AppendData(const void *data, size_t len)
> {
>     memcpy(GetAppendBuf(len), data, len);
>     UngetAppendBuf(len);
> }
> Thanks in advance
memcpy is an innocent function if you have previously checked the size of the destination buffer and the size of the data.
Here they checked and expanded the buffer if needed to hold all the data, and then appended the data using memcpy.
No problem.
ubuntu 20.04, wxWidgets 3.2.1
Re: There are a lot of potential buffer overflows found during static scan
Actually, no one checks whether the memory was allocated as expected. AFAIK, passing NULL to memcpy(), be it as dest or src, brings us into undefined behaviour territory. And once there, nothing can be ruled out, including buffer overflow.
But wxWidgets code may not check for unsuccessful memory allocations in many places. IIRC, not even in some wxImage code...
Re: There are a lot of potential buffer overflows found during static scan
PB wrote: ↑Wed Nov 20, 2019 6:12 am
> Actually, no one checks whether the memory was allocated as expected. AFAIK, passing NULL to memcpy(), be it as dest or src, brings us into undefined behaviour territory. And once there, nothing can be ruled out, including buffer overflow.
> But wxWidgets code may not check for unsuccessful memory allocations in many places. IIRC, not even in some wxImage code...
Replacing it with a "safe" variant of memcpy won't solve the problem of a failed memory allocation. Both functions will crash with a "bad address access" interrupt, which signals this kind of error. So there is no problem with either a missed "buffer overflow" or a missed wrong memory allocation, even if plain memcpy is used.
So the mentioned code piece is not a reason for a ticket.
ubuntu 20.04, wxWidgets 3.2.1
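As an added example (not wxWidgets' own wxMemoryBuffer and not code from anyone in this thread), here is a minimal append buffer following the GetAppendBuf/UngetAppendBuf pattern quoted in the first post: the memcpy in AppendData is bounded by the capacity the buffer has just guaranteed, and the allocation-failure case raised above is handled by checking the returned pointer before it ever reaches memcpy. The class name AppendBuffer and the accessors GetDataLen/GetData are assumptions made for this example.

```cpp
#include <cstdint>
#include <cstdlib>
#include <cstring>

// Minimal append buffer modelled on the GetAppendBuf/UngetAppendBuf pattern
// discussed in the thread (example code, not wxWidgets' wxMemoryBuffer).
class AppendBuffer {
public:
    AppendBuffer() : m_data(nullptr), m_len(0), m_cap(0) {}
    ~AppendBuffer() { std::free(m_data); }
    AppendBuffer(const AppendBuffer&) = delete;
    AppendBuffer& operator=(const AppendBuffer&) = delete;

    // Ensure room for `need` more bytes and return the write position, or
    // nullptr if the size arithmetic overflows or allocation fails.
    void* GetAppendBuf(size_t need) {
        if (need > SIZE_MAX - m_len) return nullptr;   // m_len + need would wrap
        size_t required = m_len + need;
        if (required > m_cap) {
            size_t newCap = m_cap ? m_cap : 64;
            while (newCap < required) {
                if (newCap > SIZE_MAX / 2) { newCap = required; break; }
                newCap *= 2;
            }
            void* p = std::realloc(m_data, newCap);
            if (!p) return nullptr;                     // old buffer stays valid
            m_data = static_cast<unsigned char*>(p);
            m_cap = newCap;
        }
        return m_data + m_len;
    }
    void UngetAppendBuf(size_t used) { m_len += used; }

    // The copy is bounded by the capacity GetAppendBuf just guaranteed, so the
    // memcpy itself cannot overflow; the only failure mode is a null destination.
    bool AppendData(const void* data, size_t len) {
        void* dst = GetAppendBuf(len);
        if (!dst) return false;                         // never hand nullptr to memcpy
        std::memcpy(dst, data, len);
        UngetAppendBuf(len);
        return true;
    }
    size_t GetDataLen() const { return m_len; }
    const unsigned char* GetData() const { return m_data; }
private:
    unsigned char* m_data; size_t m_len, m_cap;
};
```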