ERROR TYPE: OVERRUN_STATIC MODULE SUPPORT LEVEL: core Generated on: 2012-04-10 12:02:08.361197 ------------------------------------------------ FINDING #0 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/stdtime/localtime.c:721: ptr_assign: Pointer "p" is assigned the address of a static array pointer "&u.tzhead.tzh_charcnt[sizeof (u.tzhead.tzh_charcnt) /*4*/]" of size 4 bytes and offset 4 bytes. [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/stdtime/localtime.c:739: overrun-local: Overrunning static array of size 4 bytes at byte position 4 by accessing with pointer "p" through dereference in call to "detzcode". [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/stdtime/localtime.c:631: deref_parm: Directly dereferencing parameter "codep". [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/stdtime/localtime.c:739: overrun-local: Note: These bugs are often difficult to see at first glance. Coverity recommends a close inspection of the events leading to this overrun. FINDING #1 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/stdtime/localtime.c:721: ptr_assign: Pointer "p" is assigned the address of a static array pointer "&u.tzhead.tzh_charcnt[sizeof (u.tzhead.tzh_charcnt) /*4*/]" of size 4 bytes and offset 4 bytes. [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/stdtime/localtime.c:739: overrun-local: Overrunning static array of size 4 bytes at byte position 4 by accessing with pointer "p" through dereference in call to "detzcode". [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/stdtime/localtime.c:631: deref_parm: Directly dereferencing parameter "codep". [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/stdtime/localtime.c:739: overrun-local: Note: These bugs are often difficult to see at first glance. Coverity recommends a close inspection of the events leading to this overrun. [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/stdtime/localtime.c:739: overrun-buffer-val: Overrunning static array "p" of size 4 bytes by passing it as an argument to a function which indexes it at byte position 7. [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/stdtime/localtime.c:632: loop_bounded_by_parm: Loop condition "i < 4" is bounded by constant "4". [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/stdtime/localtime.c:633: index_bounded_by_const: Pointer "codep" is indexed by "i", whose upper bound is constant "4" in "i < 4". FINDING #2 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/stdtime/localtime.c:2342: overrun-buffer-arg: Overrunning struct type struct tm of size 56 bytes by passing it to a function which indexes it with argument "sizeof (*tm) /*64*/" at byte position 63. FINDING #3 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/bridges/bridge_multiplexed.c:286: overrun-buffer-val: Overrunning static array "&multiplexed_thread->chans[i] + 1" of size 64 bytes by passing it as an argument to a function which indexes it at byte position 64. FINDING #4 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/bridges/bridge_multiplexed.c:286: overrun-local: Overrunning static array of size 64 bytes at byte position 64 by indexing pointer "&multiplexed_thread->chans[i]" with index variable "1" through dereference in call to "memmove". [core]: /builddir/build/BUILD/asterisk-1.8.6.0/bridges/bridge_multiplexed.c:286: overrun-local: Note: These bugs are often difficult to see at first glance. Coverity recommends a close inspection of the events leading to this overrun. FINDING #5 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/bridges/bridge_multiplexed.c:286: overrun-local: Overrunning static array of size 64 bytes at byte position 64 by indexing pointer "&multiplexed_thread->chans[i]" with index variable "1" through dereference in call to "memmove". (The dereference is assumed on the basis of the 'nonnull' parameter attribute.) [core]: /builddir/build/BUILD/asterisk-1.8.6.0/bridges/bridge_multiplexed.c:286: overrun-local: Note: These bugs are often difficult to see at first glance. Coverity recommends a close inspection of the events leading to this overrun. FINDING #6 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/tdd.c:192: overrun-call: Overrunning callee's array of size 32 by passing index "b" of value 127 in call to function "tdd_decode_baudot(tdd, b)". [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/tdd.c:81: index_parm: Directly indexing parameter. FINDING #7 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/channels/chan_iax2.c:5373: overrun-buffer-val: Overrunning static array "key" of size 17 bytes by passing it as an argument to a function which indexes it at byte position 63. [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/md5.c:106: access_dbuff_const: Calling "memcpy" indexes array "buf" with index "64UL" at byte position 63. FINDING #8 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/jitterbuf.c:235: overrun-buffer-val: Overrunning static array "&jb->hist_maxbuf[j] + 1" of size 160 bytes by passing it as an argument to a function which indexes it at byte position 160. FINDING #9 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/jitterbuf.c:252: overrun-buffer-val: Overrunning static array "&jb->hist_minbuf[j] + 1" of size 160 bytes by passing it as an argument to a function which indexes it at byte position 160. FINDING #10 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/jitterbuf.c:235: overrun-local: Overrunning static array of size 160 bytes at byte position 160 by indexing pointer "&jb->hist_maxbuf[j]" with index variable "1" through dereference in call to "memmove". [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/jitterbuf.c:235: overrun-local: Note: These bugs are often difficult to see at first glance. Coverity recommends a close inspection of the events leading to this overrun. FINDING #11 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/jitterbuf.c:235: overrun-local: Overrunning static array of size 160 bytes at byte position 160 by indexing pointer "&jb->hist_maxbuf[j]" with index variable "1" through dereference in call to "memmove". (The dereference is assumed on the basis of the 'nonnull' parameter attribute.) [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/jitterbuf.c:235: overrun-local: Note: These bugs are often difficult to see at first glance. Coverity recommends a close inspection of the events leading to this overrun. FINDING #12 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/jitterbuf.c:252: overrun-local: Overrunning static array of size 160 bytes at byte position 160 by indexing pointer "&jb->hist_minbuf[j]" with index variable "1" through dereference in call to "memmove". [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/jitterbuf.c:252: overrun-local: Note: These bugs are often difficult to see at first glance. Coverity recommends a close inspection of the events leading to this overrun. FINDING #13 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/jitterbuf.c:252: overrun-local: Overrunning static array of size 160 bytes at byte position 160 by indexing pointer "&jb->hist_minbuf[j]" with index variable "1" through dereference in call to "memmove". (The dereference is assumed on the basis of the 'nonnull' parameter attribute.) [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/jitterbuf.c:252: overrun-local: Note: These bugs are often difficult to see at first glance. Coverity recommends a close inspection of the events leading to this overrun. FINDING #14 [core]: /builddir/build/BUILD/asterisk-1.8.6.0/main/frame.c:1131: overrun-local: Overrunning static array "pref->order", with 64 elements, at position 64 with index variable "x".