Skip to content

Enhance cpp/overflow-calculated - detect out-of-bounds write caused by passing the buffer size in bytes (using sizeof) instead of the number of elements to wcsftime, allowing the function to overrun the allocated buffer. #19722

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
felickz wants to merge 9 commits into
base: main
Choose a base branch
from

Merge branch 'main' into cpp-overflowcalculated-wchar-t-buffer-overrun

f40fcf1
Select commit
Loading
Failed to load commit list.
Draft

Enhance cpp/overflow-calculated - detect out-of-bounds write caused by passing the buffer size in bytes (using sizeof) instead of the number of elements to wcsftime, allowing the function to overrun the allocated buffer. #19722

Merge branch 'main' into cpp-overflowcalculated-wchar-t-buffer-overrun
f40fcf1
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / CodeQL completed Jun 13, 2025 in 7s

6 configurations not found

Warning: Code scanning cannot determine the alerts introduced by this pull request, because 6 configurations present on refs/heads/main were not found:

Actions workflow (rust-analysis.yml)

  • ❓  .github/workflows/rust-analysis.yml:analyze/language:rust

Actions workflow (csv-coverage-metrics.yml)

  • ❓  .github/workflows/csv-coverage-metrics.yml:publish-csharp
  • ❓  .github/workflows/csv-coverage-metrics.yml:publish-java

Actions workflow (codeql-analysis.yml)

  • ❓  .github/workflows/codeql-analysis.yml:CodeQL-Build/language:actions
  • ❓  .github/workflows/codeql-analysis.yml:CodeQL-Build/language:csharp

Actions workflow (cpp-swift-analysis.yml)

  • ❓  .github/workflows/cpp-swift-analysis.yml:CodeQL-Build

View all branch alerts.