[BUG] #186

Closed
opened 2026-01-29 15:07:42 +00:00 by claunia · 2 comments

Originally created by @BugIdentifier on GitHub (Sep 5, 2024).

Description

Hi, certain potential security issues are found in this repository. Fixing them will remove certain security threats.
They are listed below for reference:

Expected behavior

Insertion, deletion should work

Actual behavior

Memory overflow, null pointer dereference might occur

Possible fix

No response

Steps to reproduce

This is a security analysis using Clang.

Context

Analyzing and compiling bfs.c to bfs.o
g->edges = malloc(V * sizeof(int *));
~~^~~~~~~~~~~~~~~
bfs.c:121:12: warning: Potential leak of memory pointed to by 'Q' [unix.Malloc]
return false;
^~~~~
1 warnings generated.

Analyzing and compiling dfs.c to dfs.o
g->edges = malloc(V * sizeof(int *));
~~^~~~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of dfs.c succeeded

Analyzing and compiling graph.c to graph.o
graph.c:29:25: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
g->edges = malloc(V * sizeof(int *));
~~^~~~~~~~~~~~~~~
1 warning generated.
Compilation and analysis of graph.c succeeded

Analyzing and compiling merge_sort.c to merge_sort.o
merge_sort.c:36:30: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
int *b = (int *)malloc(n * sizeof(int)); /* dynamic memory must be freed */
~~^~~~~~~~~~~~~
merge_sort.c:117:16: warning: Untrusted data is used to specify the buffer size (CERT/STR31-C. Guarantee that storage for strings has sufficient space for character data and the null terminator) [alpha.security.taint.TaintPropagation]
a = (int *)malloc(n * sizeof(int));
^~~~~~~~~~~~~~~~~~~~~~~
merge_sort.c:117:25: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
a = (int *)malloc(n * sizeof(int));
~~^~~~~~~~~~~~~
3 warnings generated.

Analyzing and compiling queue.c to queue.o
queue.c:67:20: warning: Access to field 'next' results in a dereference of a null pointer (loaded from variable 'head') [core.NullDereference]
head->next = NULL;
~~~~ ^
1 warning generated.
Compilation and analysis of queue.c succeeded

Analyzing and compiling red_black_tree.c to red_black_tree.o
red_black_tree.c:26:1: warning: Potential leak of memory pointed to by 'create' [unix.Malloc]
}
^
1 warning generated.
Compilation and analysis of red_black_tree.c succeeded

Analyzing and compiling stack.c to stack.o
stack.c:37:35: warning: the computation of the size of the memory allocation may overflow [alpha.security.MallocOverflow]
array = malloc(sizeof(void *) * max);
~~~~~~~~~~~~~~~^~~~~
stack.c:55:20: warning: Assigned value is garbage or undefined [core.uninitialized.Assign]
*(tmp + i) = *(array + i);
^ ~~~~~~~~~~~~
2 warnings generated.

Additional information

These security errors are fatal.
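The `alpha.security.MallocOverflow` and `TaintPropagation` warnings above all point at the same pattern, `malloc(n * sizeof(T))` with an unchecked count. The following is an added example, not code from the repository or from the reporter; `alloc_array`, `alloc_int_buffer` and the `MAX_ELEMS` limit are hypothetical names chosen here to show the count being validated before the multiplication happens.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical upper bound on element counts accepted from input. */
#define MAX_ELEMS ((size_t)1 << 24)

/* Allocate count * size bytes, or return NULL if the product would wrap. */
static void *alloc_array(size_t count, size_t size)
{
    if (count == 0 || size == 0)
        return NULL;
    if (count > SIZE_MAX / size)   /* count * size would overflow size_t */
        return NULL;
    return malloc(count * size);
}

/* Validate a signed, untrusted count (for example one read with scanf)
 * before it reaches the allocator: reject negatives and oversized values. */
static int *alloc_int_buffer(long n)
{
    if (n <= 0 || (unsigned long)n > MAX_ELEMS)
        return NULL;
    return alloc_array((size_t)n, sizeof(int));
}

int main(void)
{
    /* Constructed inputs: a sane count, a negative count, a count over the limit. */
    long samples[] = { 8, -1, (long)MAX_ELEMS + 1 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int *a = alloc_int_buffer(samples[i]);
        printf("n=%ld -> %s\n", samples[i], a ? "allocated" : "rejected");
        free(a);
    }
    /* The unchecked product wraps for this count; the helper refuses it. */
    size_t big = SIZE_MAX / sizeof(int) + 1;
    printf("wrapped size: %zu, checked: %s\n", big * sizeof(int),
           alloc_array(big, sizeof(int)) ? "allocated" : "rejected");
    return 0;
}
```

Callers still have to test the returned pointer for NULL before use, which is the same discipline the `core.NullDereference` warning asks for.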
claunia added the Stalebug labels 2026-01-29 15:07:42 +00:00

@github-actions[bot] commented on GitHub (Oct 6, 2024):

This issue has been automatically marked as abandoned because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.


@github-actions[bot] commented on GitHub (Oct 14, 2024):

Please ping one of the maintainers once you add more information and updates here. If this is not the case and you need some help, feel free to ask for help in our [Gitter](https://gitter.im/TheAlgorithms) channel or our [Discord server](https://the-algorithms.com/discord/). Thank you for your contributions!

Reference: starred/C#186