[ZBX-10219] Wrong sizeof() in str.c reported by Coverity Created: 2015 Dec 29 Updated: 2017 May 30 Resolved: 2016 Jan 11 |
|
| Status: | Closed |
| Project: | ZABBIX BUGS AND ISSUES |
| Component/s: | Agent (G), Proxy (P), Server (S) |
| Affects Version/s: | 2.2.12rc1, 2.4.8rc1, 3.0.0alpha6 |
| Fix Version/s: | 2.2.12rc1, 2.4.8rc1, 3.0.0alpha6 |
| Type: | Incident report | Priority: | Trivial |
| Reporter: | Glebs Ivanovskis (Inactive) | Assignee: | Unassigned |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Description |
|
In src/libs/zbxcommon/str.c in zbx_strarr_init() we have char ***arr and *arr = zbx_malloc(*arr, sizeof(char **));
Similar situation in zbx_strarr_add(): *arr = zbx_realloc(*arr, sizeof(char **) * (i + 2));
Type of *arr is char ** and it points to char *. Therefore sizeof(char **) should be replaced with sizeof(char *). CID 118948 and CID 118911. |
| Comments |
| Comment by Glebs Ivanovskis (Inactive) [ 2015 Dec 29 ] |
|
Fix for version 2.2 is available in development branch svn://svn.zabbix.com/branches/dev/ZBX-10219-22 revision 57391. |
| Comment by Sandis Neilands (Inactive) [ 2016 Jan 07 ] |
|
Successfully tested. |
| Comment by Glebs Ivanovskis (Inactive) [ 2016 Jan 08 ] |
|
Fixed in pre-2.2.12rc1 r57487, pre-2.4.8rc1 r57488, pre-3.0.0alpha6 (trunk) r57489. |