Possible Error in XTPCommandBar?

Message Topic Search Topic Options Post Reply Create New Topic Printable Version Translate Topic

   We've recently evaluated a development tool that is supposed to help identify potential programming errors. The following item was found within your framework headers.

Please look at this and let us know what you think.

Buffer overflow, array index of 'm_pDocks' may be outside the bounds. Array 'm_pDocks' of size 4 declared at line 1354 may use index values 4..7

CommandBars\XTPCommandBars.h 
1404 AFX_INLINE CXTPDockBar* CXTPCommandBars::GetDockBar(XTPBarPosition xtpPosition) const { 

1405 return m_pDocks[xtpPosition]; 

1406 } 
If we examine the m_pDocks declaration, we can see that it is an array of 4 elements.
CommandBars\XTPCommandBars.h 
1354 CXTPDockBar* m_pDocks[4]; // DockBars list 

If we examine the XTPBarPosition declaration (parameter to GetDockBar), we can see that it is an enum declaration from 0 to 7.
CommandBars\XTPCommandBarsDefines.h 
47 enum XTPBarPosition 

48 { 
49 xtpBarTop = 0, // Docked at top. 
50 xtpBarBottom = 1, // Docked at bottom. 
51 xtpBarLeft = 2, // Docked at left. 
52 xtpBarRight = 3, // Docked at right. 
53 xtpBarFloating = 4, // Floated. 
54 xtpBarPopup = 5, // Popup. 
55 xtpBarListBox = 6, // List box. 
56 xtpBarNone = 7 // None. 
57 };
Using any of the enum values from 4 to 7 would cause an out of bounds condition on the array.

Author	Message Topic Search Topic Options Post Reply Create New Topic Printable Version Translate Topic
skemp@docucorp Members Profile Send Private Message Find Members Posts Add to Buddy List Newbie Joined: 08 August 2006 Location: United States Status: Offline Points: 11	Post Options Post Reply Quote skemp@docucorp Report Post Thanks(0) Quote Reply Topic: Possible Error in XTPCommandBar? Posted: 12 February 2007 at 2:26pm
	We've recently evaluated a development tool that is supposed to help identify potential programming errors. The following item was found within your framework headers. Please look at this and let us know what you think. Buffer overflow, array index of 'm_pDocks' may be outside the bounds. Array 'm_pDocks' of size 4 declared at line 1354 may use index values 4..7 CommandBars\XTPCommandBars.h 1404 AFX_INLINE CXTPDockBar* CXTPCommandBars::GetDockBar(XTPBarPosition xtpPosition) const { 1405 return m_pDocks[xtpPosition]; 1406 } If we examine the m_pDocks declaration, we can see that it is an array of 4 elements. CommandBars\XTPCommandBars.h 1354 CXTPDockBar* m_pDocks[4]; // DockBars list If we examine the XTPBarPosition declaration (parameter to GetDockBar), we can see that it is an enum declaration from 0 to 7. CommandBars\XTPCommandBarsDefines.h 47 enum XTPBarPosition 48 { 49 xtpBarTop = 0, // Docked at top. 50 xtpBarBottom = 1, // Docked at bottom. 51 xtpBarLeft = 2, // Docked at left. 52 xtpBarRight = 3, // Docked at right. 53 xtpBarFloating = 4, // Floated. 54 xtpBarPopup = 5, // Popup. 55 xtpBarListBox = 6, // List box. 56 xtpBarNone = 7 // None. 57 }; Using any of the enum values from 4 to 7 would cause an out of bounds condition on the array.

Oleg Members Profile Send Private Message Find Members Posts Add to Buddy List Admin Group Joined: 21 May 2003 Location: United States Status: Offline Points: 11234	Post Options Post Reply Quote Oleg Report Post Thanks(0) Quote Reply Posted: 13 February 2007 at 7:47am
	Hello, When we call it we assume toolbar is docked. But agree, that we have add some check for developers how we call this method outside of library. Added ASSERT.
	Oleg, Support Team CODEJOCK SOFTWARE SOLUTIONS