NetBSD Problem Report #50745

From www@NetBSD.org  Tue Feb  2 10:26:53 2016
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.NetBSD.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 813667AC9C
	for <gnats-bugs@gnats.NetBSD.org>; Tue,  2 Feb 2016 10:26:53 +0000 (UTC)
Message-Id: <20160202102652.674037ACB5@mollari.NetBSD.org>
Date: Tue,  2 Feb 2016 10:26:52 +0000 (UTC)
From: d@NetBSD.org
Reply-To: dcb314@hotmail.com
To: gnats-bugs@NetBSD.org
Subject: src/usr.bin/ftp/cmds.c:1974]: (style) Array index 'i' is used before limits check.
X-Send-Pr-Version: www-1.0

>Number:         50745
>Category:       bin
>Synopsis:       src/usr.bin/ftp/cmds.c:1974]: (style) Array index 'i' is used before limits check.
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Feb 02 10:30:00 +0000 2016
>Last-Modified:  Sat Feb 06 19:45:00 +0000 2016
>Originator:     David Binderman
>Release:        cvs dated 20160131
>Organization:
>Environment:
>Description:
Source code is

      for (i = 0; *(ntin + i) && i < 16; i++) {

Maybe something like

      for (i = 0; (i < 16) && *(ntin + i); i++) {

might be better.

>How-To-Repeat:

>Fix:

>Release-Note:

>Audit-Trail:

From: David Holland <dholland-bugs@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: bin/50745: src/usr.bin/ftp/cmds.c:1974]: (style) Array index 'i'
 is used before limits check.
Date: Sat, 6 Feb 2016 19:40:39 +0000

 On Tue, Feb 02, 2016 at 10:30:00AM +0000, d@NetBSD.org wrote:
  > Source code is
  > 
  >       for (i = 0; *(ntin + i) && i < 16; i++) {
  > 
  > Maybe something like
  > 
  >       for (i = 0; (i < 16) && *(ntin + i); i++) {
  > 
  > might be better.

 There's more to it than that; the array bound is actually 17, not 16.

 It isn't clear to me that it makes sense for the limit to be either 16
 or 17 and not, say, 128, and it looks like much of the logic involved
 in handling this feature is screwy. But certainly "16" shouldn't be
 getting written literally inline halfway across the source from the
 definition of the array.

 I'm inclined to just rewrite the feature and fix up the logic, but I'm
 not sure if there are reasons for some of these properties.

 -- 
 David A. Holland
 dholland@netbsd.org

>Unformatted:

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2014 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.