Closed Bug 173997 Opened 23 years ago Closed 23 years ago

flawfinder warnings in mail database

Categories

(MailNews Core :: Database, defect)

Product:
MailNews Core
Component:
Database
Platform:
x86
Windows NT
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: morse, Assigned: Bienvenu)

References

Details

Heikki ran flawfinder (http://www.dwheeler.com/flawfinder) on Mozilla 1.0.1 branch. flawfinder found 1 warning in mailnews database code (3741). Go through that list and for each warning: * If it is false positive, comment here why it is not an issue * If it is a real issue, make patch for it here and let's get them checked in In addition to checking the branch, also check the trunk. 3741) mailnews/db/msgdb/src/nsMsgDatabase.cpp:894 [4] (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
Blocks: 148251
This instance of strcpy is safe for the following reason: dst = result which is dimensioned 2 more than the length of src = ioPath so we have room for the terminating zero, and room for one more char besides src is then possibly reduced by 1, which makes things even safer dst is then possibly increased by 1, but we had room for one extra character therefore scrcpy(dst,src) is safe in this case Closing this report out as invalid.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → INVALID
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.