You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11 lines
2.9 KiB
11 lines
2.9 KiB
codetoanalyze/cpp/quandaryBO/codec.cpp, Codec_Bad2::foo_Bad_FN_FP, 3, INTEGER_OVERFLOW_L2, no_bucket, ERROR, [Unknown value from: __infer_taint_source,Assignment,Call,<LHS trace>,Parameter `w`,Assignment,Binary operation: ([0, +oo] - 1):unsigned64 by call to `Codec_Bad2::getP_Bad` ]
|
|
codetoanalyze/cpp/quandaryBO/codec.cpp, Codec_Bad::foo_Bad_FN, 4, INTEGER_OVERFLOW_L2, no_bucket, ERROR, [Unknown value from: __infer_taint_source,Assignment,Call,<LHS trace>,Parameter `w`,Assignment,Binary operation: ([0, +oo] - 1):unsigned32 by call to `Codec_Bad::getP_Bad` ]
|
|
codetoanalyze/cpp/quandaryBO/tainted_index.cpp, basic_bad, 3, TAINTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to __array_access with tainted index 0,-----------,<Offset trace>,Unknown value from: __infer_taint_source,Assignment,<Length trace>,Array declaration,Array access: Offset: [-oo, +oo] Size: 10]
|
|
codetoanalyze/cpp/quandaryBO/tainted_index.cpp, basic_bad, 3, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source,Call to __array_access with tainted index 0]
|
|
codetoanalyze/cpp/quandaryBO/tainted_index.cpp, memory_alloc_bad1_FN, 0, UNTRUSTED_VARIABLE_LENGTH_ARRAY, no_bucket, ERROR, [Return from __infer_taint_source,Call to __set_array_length with tainted index 1]
|
|
codetoanalyze/cpp/quandaryBO/tainted_index.cpp, memory_alloc_bad2, 3, TAINTED_MEMORY_ALLOCATION, no_bucket, ERROR, [Return from __infer_taint_source,Call to __set_array_length with tainted index 1,-----------,Unknown value from: __infer_taint_source,Assignment,Allocation: Length: [-oo, 2147483647]]
|
|
codetoanalyze/cpp/quandaryBO/tainted_index.cpp, memory_alloc_bad2, 3, UNTRUSTED_VARIABLE_LENGTH_ARRAY, no_bucket, ERROR, [Return from __infer_taint_source,Call to __set_array_length with tainted index 1]
|
|
codetoanalyze/cpp/quandaryBO/tainted_index.cpp, multi_level_bad, 2, TAINTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source with tainted data return*,Return from multi_level_source_bad,Call to multi_level_sink_bad with tainted index 0,Call to __array_access with tainted index 0,-----------,Call,Unknown value from: __infer_taint_source,Assignment,Assignment,Call,<Offset trace>,Parameter `i`,<Length trace>,Array declaration,Array access: Offset: [1, +oo] Size: 10 by call to `multi_level_sink_bad` ]
|
|
codetoanalyze/cpp/quandaryBO/tainted_index.cpp, multi_level_bad, 2, UNTRUSTED_BUFFER_ACCESS, no_bucket, ERROR, [Return from __infer_taint_source with tainted data return*,Return from multi_level_source_bad,Call to multi_level_sink_bad with tainted index 0,Call to __array_access with tainted index 0]
|
|
codetoanalyze/cpp/quandaryBO/tainted_index.cpp, overlapping_issues_good, 1, UNTRUSTED_VARIABLE_LENGTH_ARRAY, no_bucket, ERROR, [Return from __infer_taint_source with tainted data @val$0.size*,Return from overlapping_issues_source_good,Call to overlapping_issues_sink_good with tainted index 0,Call to __set_array_length with tainted index 1]
|