Subject: Re: libssh2 1.8.0 Code Analysis results.

Re: libssh2 1.8.0 Code Analysis results.

From: Alexander Lamaison <swish_at_lammy.co.uk>
Date: Sun, 4 Dec 2016 17:06:27 +0000

Thanks for the report George,

I've filed it as an issue on our github page:
https://github.com/libssh2/libssh2/issues/154

On 30 November 2016 at 02:38, George M. Garner Jr.
<ggarner_online_at_gmgsystemsinc.com> wrote:
> The following are the code analysis results compiling using Visual Studio
> 2015 with wincng. Note in particular the two possible stack-based buffer
> overruns.
>
> Running Code Analysis for C/C++...
> Generating Code...
> Creating library .\libssh2-2.1.8.0\win32\v140\Win32\WinCNG DLL
> Debug\libssh2.lib and object .\libssh2-2.1.8.0\win32\v140\Win32\WinCNG DLL
> Debug\libssh2.exp
> libssh2.vcxproj -> .\libssh2-2.1.8.0\win32\v140\Win32\WinCNG DLL
> Debug\libssh2.dll
> libssh2.vcxproj -> .\libssh2-2.1.8.0\win32\v140\Win32\WinCNG DLL
> Debug\libssh2.pdb (Full PDB)
> .\libssh2-2.1.8.0\src\kex.c(270): warning C6031: Return value ignored:
> 'snprintf'.
> .\libssh2-2.1.8.0\src\kex.c(299): warning C6031: Return value ignored:
> 'snprintf'.
> .\libssh2-2.1.8.0\src\kex.c(894): warning C6031: Return value ignored:
> 'snprintf'.
> .\libssh2-2.1.8.0\src\kex.c(923): warning C6031: Return value ignored:
> 'snprintf'.
> .\libssh2-2.1.8.0\src\knownhost.c(1088): warning C6031: Return value
> ignored: 'snprintf'.
> .\libssh2-2.1.8.0\src\knownhost.c(1091): warning C6031: Return value
> ignored: 'snprintf'.
> .\libssh2-2.1.8.0\src\knownhost.c(1094): warning C6031: Return value
> ignored: 'snprintf'.
> .\libssh2-2.1.8.0\src\knownhost.c(1097): warning C6031: Return value
> ignored: 'snprintf'.
> .\libssh2-2.1.8.0\src\knownhost.c(1110): warning C6031: Return value
> ignored: 'snprintf'.
> .\libssh2-2.1.8.0\src\knownhost.c(1113): warning C6031: Return value
> ignored: 'snprintf'.
> .\libssh2-2.1.8.0\src\knownhost.c(1116): warning C6031: Return value
> ignored: 'snprintf'.
> .\libssh2-2.1.8.0\src\knownhost.c(1119): warning C6031: Return value
> ignored: 'snprintf'.
> .\libssh2-2.1.8.0\src\misc.c(362): warning C6031: Return value ignored:
> 'snprintf'.
> .\libssh2-2.1.8.0\src\misc.c(367): warning C6031: Return value ignored:
> 'snprintf'.
> .\libssh2-2.1.8.0\src\misc.c(373): warning C6031: Return value ignored:
> 'snprintf'.
> .\libssh2-2.1.8.0\src\misc.c(466): warning C6386: Buffer overrun while
> writing to 'buffer+msglen': the writable size is '1536' bytes, but '1537'
> bytes might be written.
> .\libssh2-2.1.8.0\src\scp.c(297): warning C6031: Return value ignored:
> 'snprintf'.
> .\libssh2-2.1.8.0\src\scp.c(839): warning C6031: Return value ignored:
> 'snprintf'.
> .\libssh2-2.1.8.0\src\transport.c(90): warning C6386: Buffer overrun while
> writing to 'buffer': the writable size is '256' bytes, but 'used++' bytes
> might be written.
> _______________________________________________
> libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel 

-- 
Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org)
_______________________________________________
libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2016-12-04