Commit 1d68735e authored by Andre Maroneze's avatar Andre Maroneze 💬
Browse files

[basic-cwe-examples] use x86_64 machdep by default

parent 6e94cd55
Pipeline #31219 failed with stage
in 65 minutes and 47 seconds
......@@ -9,7 +9,7 @@ include $(shell $(FRAMAC)-config -print-share-path)/analysis-scripts/prologue.mk
# Edit below as needed. MACHDEP is mandatory. Suggested flags are optional.
MACHDEP = x86_32
MACHDEP = x86_64
## Preprocessing flags (for -cpp-extra-args)
CPPFLAGS += \
......
......@@ -59,7 +59,7 @@ static int my_strcmp(char const *s1, char const *s2)
{
int __retres;
size_t i;
i = (unsigned int)0;
i = (unsigned long)0;
while ((int)*(s1 + i) == (int)*(s2 + i)) {
if ((int)*(s1 + i) == 0) {
__retres = 0;
......@@ -107,7 +107,8 @@ void host_lookup(char *user_supplied_addr)
char hostname[64];
validate_addr_form(user_supplied_addr);
addr = my_inet_addr((char const *)user_supplied_addr);
hp = my_gethostbyaddr((void const *)(& addr),sizeof(struct in_addr),2);
hp = my_gethostbyaddr((void const *)(& addr),
(unsigned int)sizeof(struct in_addr),2);
strcpy(hostname,(char const *)hp->h_name);
return;
}
......
......@@ -59,7 +59,7 @@ static int my_strcmp(char const *s1, char const *s2)
{
int __retres;
size_t i;
i = (unsigned int)0;
i = (unsigned long)0;
while ((int)*(s1 + i) == (int)*(s2 + i)) {
if ((int)*(s1 + i) == 0) {
__retres = 0;
......@@ -107,7 +107,8 @@ void host_lookup(char *user_supplied_addr)
char hostname[64];
validate_addr_form(user_supplied_addr);
addr = my_inet_addr((char const *)user_supplied_addr);
hp = my_gethostbyaddr((void const *)(& addr),sizeof(struct in_addr),2);
hp = my_gethostbyaddr((void const *)(& addr),
(unsigned int)sizeof(struct in_addr),2);
strcpy(hostname,(char const *)hp->h_name);
return;
}
......
directory file line function property kind status property
. cwe190.c 42 main unsigned_overflow Invalid or unreachable (unsigned int)nresp * sizeof(char *) ≤ 4294967295
. cwe190.c 43 main unsigned_overflow Invalid or unreachable (unsigned long)nresp * sizeof(char *) ≤ 18446744073709551615
......@@ -5,9 +5,9 @@ Semantically reached functions = 5
Coverage estimation = 100.0%
[metrics] Statements analyzed by Eva
--------------------------
41 stmts in analyzed functions, 31 stmts analyzed (75.6%)
packet_get_int_ok: 5 stmts out of 5 (100.0%)
packet_get_int_problem: 5 stmts out of 5 (100.0%)
42 stmts in analyzed functions, 32 stmts analyzed (76.2%)
packet_get_long_ok: 6 stmts out of 6 (100.0%)
packet_get_long_problem: 5 stmts out of 5 (100.0%)
packet_get_string: 2 stmts out of 2 (100.0%)
random_int: 1 stmts out of 1 (100.0%)
random_long: 1 stmts out of 1 (100.0%)
main: 18 stmts out of 28 (64.3%)
cwe190.c:42:[nonterm] warning: non-terminating function call
cwe190.c:43:[nonterm] warning: non-terminating function call
stack: main
/* Generated by Frama-C */
#include "stdlib.h"
int volatile _rand;
int random_int(void)
long volatile _rand;
long random_long(void)
{
return _rand;
}
int packet_get_int_ok(void)
long packet_get_long_ok(void)
{
long __retres;
int tmp_0;
int tmp;
tmp = random_int();
long tmp;
tmp = random_long();
if (tmp) tmp_0 = 0; else tmp_0 = 123456;
return tmp_0;
__retres = (long)tmp_0;
return __retres;
}
int packet_get_int_problem(void)
long packet_get_long_problem(void)
{
int tmp_0;
int tmp;
tmp = random_int();
if (tmp) tmp_0 = 1073741824; else tmp_0 = 0;
long tmp_0;
long tmp;
tmp = random_long();
if (tmp) tmp_0 = 9223372036854775807L / (long)2; else tmp_0 = (long)0;
return tmp_0;
}
......@@ -35,12 +37,12 @@ int main(void)
{
int __retres;
char **response;
int nresp = packet_get_int_ok();
if (nresp > 0) {
response = (char **)malloc((unsigned int)nresp * sizeof(char *));
long nresp = packet_get_long_ok();
if (nresp > (long)0) {
response = (char **)malloc((unsigned long)nresp * sizeof(char *));
if (! response) exit(1);
{
int i = 0;
long i = (long)0;
while (i < nresp) {
*(response + i) = packet_get_string((char const *)0);
i ++;
......@@ -48,12 +50,12 @@ int main(void)
}
free((void *)response);
}
nresp = packet_get_int_problem();
if (nresp > 0) {
response = (char **)malloc((unsigned int)nresp * sizeof(char *));
nresp = packet_get_long_problem();
if (nresp > (long)0) {
response = (char **)malloc((unsigned long)nresp * sizeof(char *));
if (! response) exit(1);
{
int i_0 = 0;
long i_0 = (long)0;
while (i_0 < nresp) {
*(response + i_0) = packet_get_string((char const *)0);
i_0 ++;
......
[metrics] Defined functions (5)
=====================
main (0 call); packet_get_int_ok (1 call); packet_get_int_problem (1 call);
packet_get_string (2 calls); random_int (2 calls);
main (0 call); packet_get_long_ok (1 call);
packet_get_long_problem (1 call); packet_get_string (2 calls);
random_long (2 calls);
Specified-only functions (0)
============================
......@@ -21,13 +22,13 @@ Potential entry points (1)
Global metrics
==============
Sloc = 41
Sloc = 42
Decision point = 8
Global variables = 1
If = 8
Loop = 2
Goto = 0
Assignment = 18
Assignment = 19
Exit point = 5
Function = 5
Function call = 12
......
directory file line function property kind status property
. cwe190.c 44 main mem_access Invalid or unreachable \valid(response + i_0)
. cwe190.c 45 main mem_access Unknown \valid(response + i_0)
......@@ -5,9 +5,9 @@ Semantically reached functions = 5
Coverage estimation = 100.0%
[metrics] Statements analyzed by Eva
--------------------------
41 stmts in analyzed functions, 38 stmts analyzed (92.7%)
packet_get_int_ok: 5 stmts out of 5 (100.0%)
packet_get_int_problem: 5 stmts out of 5 (100.0%)
42 stmts in analyzed functions, 42 stmts analyzed (100.0%)
main: 28 stmts out of 28 (100.0%)
packet_get_long_ok: 6 stmts out of 6 (100.0%)
packet_get_long_problem: 5 stmts out of 5 (100.0%)
packet_get_string: 2 stmts out of 2 (100.0%)
random_int: 1 stmts out of 1 (100.0%)
main: 25 stmts out of 28 (89.3%)
random_long: 1 stmts out of 1 (100.0%)
cwe190.c:44:[nonterm] warning: non-terminating loop
stack: main
cwe190.c:44:[kernel] warning: all target addresses were invalid. This path is assumed to be dead.
stack: main
/* Generated by Frama-C */
#include "stdlib.h"
int volatile _rand;
int random_int(void)
long volatile _rand;
long random_long(void)
{
return _rand;
}
int packet_get_int_ok(void)
long packet_get_long_ok(void)
{
long __retres;
int tmp_0;
int tmp;
tmp = random_int();
long tmp;
tmp = random_long();
if (tmp) tmp_0 = 0; else tmp_0 = 123456;
return tmp_0;
__retres = (long)tmp_0;
return __retres;
}
int packet_get_int_problem(void)
long packet_get_long_problem(void)
{
int tmp_0;
int tmp;
tmp = random_int();
if (tmp) tmp_0 = 1073741824; else tmp_0 = 0;
long tmp_0;
long tmp;
tmp = random_long();
if (tmp) tmp_0 = 9223372036854775807L / (long)2; else tmp_0 = (long)0;
return tmp_0;
}
......@@ -35,12 +37,12 @@ int main(void)
{
int __retres;
char **response;
int nresp = packet_get_int_ok();
if (nresp > 0) {
response = (char **)malloc((unsigned int)nresp * sizeof(char *));
long nresp = packet_get_long_ok();
if (nresp > (long)0) {
response = (char **)malloc((unsigned long)nresp * sizeof(char *));
if (! response) exit(1);
{
int i = 0;
long i = (long)0;
while (i < nresp) {
*(response + i) = packet_get_string((char const *)0);
i ++;
......@@ -48,12 +50,12 @@ int main(void)
}
free((void *)response);
}
nresp = packet_get_int_problem();
if (nresp > 0) {
response = (char **)malloc((unsigned int)nresp * sizeof(char *));
nresp = packet_get_long_problem();
if (nresp > (long)0) {
response = (char **)malloc((unsigned long)nresp * sizeof(char *));
if (! response) exit(1);
{
int i_0 = 0;
long i_0 = (long)0;
while (i_0 < nresp) {
*(response + i_0) = packet_get_string((char const *)0);
i_0 ++;
......
[metrics] Defined functions (5)
=====================
main (0 call); packet_get_int_ok (1 call); packet_get_int_problem (1 call);
packet_get_string (2 calls); random_int (2 calls);
main (0 call); packet_get_long_ok (1 call);
packet_get_long_problem (1 call); packet_get_string (2 calls);
random_long (2 calls);
Specified-only functions (0)
============================
......@@ -21,13 +22,13 @@ Potential entry points (1)
Global metrics
==============
Sloc = 41
Sloc = 42
Decision point = 8
Global variables = 1
If = 8
Loop = 2
Goto = 0
Assignment = 18
Assignment = 19
Exit point = 5
Function = 5
Function call = 12
......
......@@ -130,7 +130,7 @@ int main(void)
exit(1);
}
}
board = (board_square_t *)malloc((unsigned int)(m * n) * sizeof(board_square_t));
board = (board_square_t *)malloc((unsigned long)(m * n) * sizeof(board_square_t));
free((void *)board);
__retres = 0;
return __retres;
......
......@@ -130,7 +130,7 @@ int main(void)
exit(1);
}
}
board = (board_square_t *)malloc((unsigned int)(m * n) * sizeof(board_square_t));
board = (board_square_t *)malloc((unsigned long)(m * n) * sizeof(board_square_t));
free((void *)board);
__retres = 0;
return __retres;
......
......@@ -14,16 +14,16 @@ int main(int argc, char **argv)
char *buf2R1;
char *buf2R2;
char *buf3R2;
buf1R1 = (char *)malloc((unsigned int)512);
buf1R1 = (char *)malloc((unsigned long)512);
if (! buf1R1) exit(1);
buf2R1 = (char *)malloc((unsigned int)512);
buf2R1 = (char *)malloc((unsigned long)512);
if (! buf2R1) exit(1);
free((void *)buf2R1);
buf2R2 = (char *)malloc((unsigned int)(512 / 2 - 8));
buf2R2 = (char *)malloc((unsigned long)(512 / 2 - 8));
if (! buf2R2) exit(1);
buf3R2 = (char *)malloc((unsigned int)(512 / 2 - 8));
buf3R2 = (char *)malloc((unsigned long)(512 / 2 - 8));
if (! buf3R2) exit(1);
strncpy(buf2R1,(char const *)*(argv + 1),(unsigned int)(512 - 1));
strncpy(buf2R1,(char const *)*(argv + 1),(unsigned long)(512 - 1));
free((void *)buf1R1);
free((void *)buf2R2);
free((void *)buf3R2);
......
......@@ -14,16 +14,16 @@ int main(int argc, char **argv)
char *buf2R1;
char *buf2R2;
char *buf3R2;
buf1R1 = (char *)malloc((unsigned int)512);
buf1R1 = (char *)malloc((unsigned long)512);
if (! buf1R1) exit(1);
buf2R1 = (char *)malloc((unsigned int)512);
buf2R1 = (char *)malloc((unsigned long)512);
if (! buf2R1) exit(1);
free((void *)buf2R1);
buf2R2 = (char *)malloc((unsigned int)(512 / 2 - 8));
buf2R2 = (char *)malloc((unsigned long)(512 / 2 - 8));
if (! buf2R2) exit(1);
buf3R2 = (char *)malloc((unsigned int)(512 / 2 - 8));
buf3R2 = (char *)malloc((unsigned long)(512 / 2 - 8));
if (! buf3R2) exit(1);
strncpy(buf2R1,(char const *)*(argv + 1),(unsigned int)(512 - 1));
strncpy(buf2R1,(char const *)*(argv + 1),(unsigned long)(512 - 1));
free((void *)buf1R1);
free((void *)buf2R2);
free((void *)buf3R2);
......
......@@ -8,7 +8,7 @@ char *copy_input(char *user_supplied_string)
int dst_index;
size_t tmp_0;
char *dst_buf =
malloc(((unsigned int)4 * sizeof(char)) * (unsigned int)16);
malloc(((unsigned long)4 * sizeof(char)) * (unsigned long)16);
if (! dst_buf) exit(1);
tmp_0 = strlen((char const *)user_supplied_string);
if ((size_t)16 <= tmp_0) exit(1);
......
......@@ -8,7 +8,7 @@ char *copy_input(char *user_supplied_string)
int dst_index;
size_t tmp_0;
char *dst_buf =
malloc(((unsigned int)4 * sizeof(char)) * (unsigned int)16);
malloc(((unsigned long)4 * sizeof(char)) * (unsigned long)16);
if (! dst_buf) exit(1);
tmp_0 = strlen((char const *)user_supplied_string);
if ((size_t)16 <= tmp_0) exit(1);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment