axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jake Scott <Jacob.Sc...@morganstanley.com>
Subject Lack of allocation failure checking in C code gen
Date Wed, 09 Oct 2013 19:07:05 GMT

Hi.

We are using version 1.6.2 of the Axis2/Java framework to generate C
code for use with Axis2/C, from some WSDL service descriptions.  We have
noticed that the generated code does not always check the return value
of memory allocations, and there is therefore a risk of null pointer
de-references in low memory situations.

For example :

    p_prefix = (axis2_char_t*)AXIS2_MALLOC(env->allocator, sizeof
(axis2_char_t) * ADB_DEFAULT_NAMESPACE_PREFIX_LIMIT);
    sprintf(p_prefix, "n%d", (*next_ns_index)++);

It seems to be generally related to allocations before a call to
sprintf.  Other times the return value is checked :

   _AuthResponse = (adb_AuthResponse_t *) AXIS2_MALLOC(env->allocator,
sizeof(adb_AuthResponse_t));
   if(NULL == _AuthResponse)
   {
     AXIS2_ERROR_SET(env->error, AXIS2_ERROR_NO_MEMORY, AXIS2_FAILURE);
     return NULL;
   }


We are certainly willing to patch this and submit back the code, but
before embarking on this effort I'd like to validate this with the
list.  Is this something that would be accepted, and any hints at the
best way to tackle this would be much appreciated.


Thanks

Jake Scott




---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org


Mime
View raw message