Closed Bug 173997 Opened 20 years ago Closed 20 years ago
flawfinder warnings in mail database
Heikki ran flawfinder (http://www.dwheeler.com/flawfinder) on Mozilla 1.0.1 branch. flawfinder found 1 warning in mailnews database code (3741). Go through that list and for each warning: * If it is false positive, comment here why it is not an issue * If it is a real issue, make patch for it here and let's get them checked in In addition to checking the branch, also check the trunk. 3741) mailnews/db/msgdb/src/nsMsgDatabase.cpp:894  (buffer) strcpy: does not check for buffer overflows. Consider using strncpy or strlcpy.
This instance of strcpy is safe for the following reason: dst = result which is dimensioned 2 more than the length of src = ioPath so we have room for the terminating zero, and room for one more char besides src is then possibly reduced by 1, which makes things even safer dst is then possibly increased by 1, but we had room for one extra character therefore scrcpy(dst,src) is safe in this case Closing this report out as invalid.
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.