azure-sdk-for-c
_az_update_json_writer_state( ) - The result of addition must be verified before assignment.
Integer Overflow (CWE-190):
• The result of addition must be verified before assignment.
• File : src\azure\core\az_json_writer.c
• API : _az_update_json_writer_state ( )
• Lines : 393 – 394
• Issue : Addition may lead to Integer Overflow:
  - _internal.bytes_written
  - total_bytes_written
• Solution :
  - To perform the operation 𝐴 ≔ 𝐵 + 𝐶:
  - Check if 𝐵 + 𝐶 overshoots the value INT32_MAX.
    • If No, the operation 𝐴 ≔ 𝐵 + 𝐶 can be computed safely.
    • If Yes, the Error due to Integer Overflow is reported.
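The check proposed in the issue above, as an added example that is not the SDK's code or part of the original report. `demo_writer_state`, `checked_add_i32`, `demo_update_state` and `demo_try` are hypothetical names, and both counters are assumed to be `int32_t`; the test is rearranged as a subtraction so the check itself cannot overflow.

```c
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical stand-in for the two counters named in the issue;
 * this is not the SDK's real structure. */
typedef struct
{
  int32_t bytes_written;
  int32_t total_bytes_written;
} demo_writer_state;

/* Stores b + c in *out only when the sum fits in int32_t.
 * "b + c > INT32_MAX" is tested as "b > INT32_MAX - c", which never overflows. */
static bool checked_add_i32(int32_t b, int32_t c, int32_t* out)
{
  if ((c > 0 && b > INT32_MAX - c) || (c < 0 && b < INT32_MIN - c))
  {
    return false; /* signed overflow would occur; nothing is written */
  }
  *out = b + c;
  return true;
}

/* Verifies both additions first, then assigns: either both counters
 * are updated or neither is. A negative byte count is rejected. */
static bool demo_update_state(demo_writer_state* s, int32_t written)
{
  int32_t new_bytes, new_total;
  if (written < 0 || !checked_add_i32(s->bytes_written, written, &new_bytes)
      || !checked_add_i32(s->total_bytes_written, written, &new_total))
  {
    return false;
  }
  s->bytes_written = new_bytes;
  s->total_bytes_written = new_total;
  return true;
}

/* Constructed scenario: returns 1 if the update was applied correctly,
 * 0 if it was rejected with the state untouched, -1 on any other outcome. */
static int demo_try(int32_t start, int32_t written)
{
  demo_writer_state s = { start, start };
  if (demo_update_state(&s, written))
    return (s.bytes_written == start + written && s.total_bytes_written == start + written) ? 1 : -1;
  return (s.bytes_written == start && s.total_bytes_written == start) ? 0 : -1;
}

int main(void) { return (demo_try(INT32_MAX - 16, 16) == 1 && demo_try(INT32_MAX - 16, 17) == 0) ? 0 : 1; }
```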