hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-14 11:19:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Revert "C++: Whitespace commit to make qhelp show up in diff."

Browse Source 
This reverts commit ec192d621c.
This commit is contained in:
Mathias Vorreiter Pedersen
2023-05-25 15:21:09 -07:00
parent ec192d621c
commit 960e6521a4
1 changed files with 22 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
cpp/ql/src/Security/CWE/CWE-119/OverrunWriteProductFlow.qhelp
View File

@@ -1,29 +1,29 @@
<!DOCTYPE qhelp PUBLIC
"-//Semmle//qhelp//EN"
"qhelp.dtd">
<qhelp>
<overview>
<p>You must ensure that you do not exceed the size of an allocation during write and read operations.
If an operation attempts to write to or access an element that is outside the range of the allocation then this results in a buffer overflow.
Buffer overflows can lead to anything from a segmentation fault to a security vulnerability.
</p>
<!DOCTYPE qhelp PUBLIC
"-//Semmle//qhelp//EN"
"qhelp.dtd">
<qhelp>
<overview>
<p>You must ensure that you do not exceed the size of an allocation during write and read operations.
If an operation attempts to write to or access an element that is outside the range of the allocation then this results in a buffer overflow.
Buffer overflows can lead to anything from a segmentation fault to a security vulnerability.
</p>
</overview>
<recommendation>
<p>
Check the offsets and sizes used in the highlighted operations to ensure that a buffer overflow will not occur.
</p>
</overview>
<recommendation>
<p>
Check the offsets and sizes used in the highlighted operations to ensure that a buffer overflow will not occur.
</p>
</recommendation>
<example><sample src="OverrunWriteProductFlow.cpp" />
</recommendation>
<example><sample src="OverrunWriteProductFlow.cpp" />
</example>
<references>
</example>
<references>
<li>I. Gerg. <em>An Overview and Example of the Buffer-Overflow Exploit</em>. IANewsletter vol 7 no 4. 2005.</li>
<li>M. Donaldson. <em>Inside the Buffer Overflow Attack: Mechanism, Method &amp; Prevention</em>. SANS Institute InfoSec Reading Room. 2002.</li>
<li>I. Gerg. <em>An Overview and Example of the Buffer-Overflow Exploit</em>. IANewsletter vol 7 no 4. 2005.</li>
<li>M. Donaldson. <em>Inside the Buffer Overflow Attack: Mechanism, Method &amp; Prevention</em>. SANS Institute InfoSec Reading Room. 2002.</li>
</references>
</qhelp>
</references>
</qhelp>