[cppcheck] buffer access out of bounds

Bug #695507 reported by orbitcowboy
Affects          Status         Importance   Assigned to   Milestone
zsnes (Debian)   Fix Released   Unknown
zsnes (Ubuntu)   Incomplete     Undecided    Unassigned

Bug Description

Binary package hint: zsnes

During a check with the static code analysis tool cppcheck (http://sourceforge.net/apps/mediawiki/cppcheck/index.php?title=Main_Page), the tool discovered a severe error in the sources of zsnes_1.510.tar.gz. Here is the report of cppcheck:

./src/initc.c:2764 [error] - Array 'SPCRAM[65472]' index 65535 out of bounds

Take a look at the source (here is a reduced sample to show what is going on):

#include <iostream>

int main()
{
    int i;
    int SPCRAM[65472];           // 65472 == 0xFFC0, so the valid indices are 0..0xFFBF
    // std::cout << 0x40 << std::endl;
    // std::cout << 0xFFC0 << std::endl;
    for(i = 0; i < 0x40; i++)
    {
        SPCRAM[0xFFC0 + i] = 0;  // writes indices 0xFFC0..0xFFFF, every one of them past the end
    }
}

The buffer SPCRAM is accessed out of bounds.

Best regards from the cppcheck-team.

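The numbers in the report already settle the question: the buffer holds 65472 elements, 65472 is 0xFFC0, and 0xFFC0 is the first index the loop touches, so all 64 stores land past the end. The following C program is an added example, not code from the bug report or from zsnes: it replays that loop through a bounds-checked store (spcram_store, a hypothetical helper) and counts how many writes the check rejects for a buffer of the reported size versus one that covers the full 0x0000..0xFFFF range.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Values taken from the cppcheck report: the declared array size and the
   loop's base address and length. */
#define SPCRAM_SIZE 65472u   /* == 0xFFC0 */
#define LOOP_BASE   0xFFC0u
#define LOOP_LEN    0x40u

/* Highest index the reported loop touches: 0xFFC0 + 0x40 - 1 == 65535. */
size_t highest_index(void)
{
    return LOOP_BASE + LOOP_LEN - 1;
}

/* Bounds-checked store (hypothetical helper): refuses the write instead of
   running past the buffer, and reports the refusal to the caller. */
bool spcram_store(uint8_t *ram, size_t ram_len, size_t addr, uint8_t value)
{
    if (addr >= ram_len)
        return false;
    ram[addr] = value;
    return true;
}

/* Replay the loop from the report against a buffer whose valid length is
   ram_len and return how many stores the bounds check rejected. */
size_t count_rejected(size_t ram_len)
{
    /* Backing storage large enough for any index up to 0xFFFF; only the
       first ram_len bytes count as "in bounds" for this experiment. */
    static uint8_t ram[0x10000];
    size_t rejected = 0;

    for (unsigned i = 0; i < LOOP_LEN; i++) {
        if (!spcram_store(ram, ram_len, LOOP_BASE + i, 0))
            rejected++;
    }
    return rejected;
}

int main(void)
{
    printf("highest index touched: %zu\n", highest_index());
    printf("rejected with %u-element buffer: %zu of %u\n",
           SPCRAM_SIZE, count_rejected(SPCRAM_SIZE), LOOP_LEN);
    printf("rejected with 0x10000-element buffer: %zu of %u\n",
           count_rejected(0x10000), LOOP_LEN);
    return 0;
}
```

With the reported size every one of the 64 stores is rejected; with a 65536-element buffer none is, which is the same distinction cppcheck draws between the declared size and the index 65535 it flags.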
Revision history for this message
Etienne Millon (etienne-millon) wrote :

Hello,

The cppcheck run on Debian signaled several other warnings : http://qa.debian.org/daca/cppcheck/sid/zsnes_1.510-2.2.html

Changed in zsnes (Debian):
status: Unknown → New

shankao (shankao) wrote :

I just had a look at the zsnes sources and they seem to have changed since your bug report.
Is this problem still happening?

Changed in zsnes (Ubuntu):
status: New → Incomplete

Etienne Millon (etienne-millon) wrote : Re: [Bug 695507] Re: [cppcheck] buffer access out of bounds

Hello,

I think that this is still applicable to the latest version:

https://qa.debian.org/daca/cppcheck/sid/zsnes_1.510+bz2-1.html

Best,

shankao (shankao) wrote :

Agree.

This one is pretty obvious:
./src/initc.c:2764 [error] - Array 'SPCRAM[65472]' index 65535 out of bounds

Problem is that zsnes upstream seems to have died long ago, so this leaves code maintenance to debian/ubuntu... maybe you can branch the code into launchpad and submit some fixes?

Changed in zsnes (Debian):
status: New → Fix Released

Stéphane (stephane-treboux) wrote :

This issue should become irrelevant because the package zsnes was recently removed from the repositories with 23.10 (mantic).

The package zsnes was maintained by Debian, and the maintainer decided to remove it because the development of ZSNES ceased in 2007.

The issue is discussed in two Debian bug reports:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039564
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039568

For your convenience I attached a copy of the last Ubuntu package for zsnes which I downloaded from https://packages.ubuntu.com/lunar/zsnes; the link will die soon when lunar goes out of support.
