CleverRaven / Cataclysm-DDA

Cataclysm - Dark Days Ahead. A turn-based survival game set in a post-apocalyptic world.
http://cataclysmdda.org

Bug: There may be some out-of-bound accesses in file src/iuse.cpp. (static analysis report) #74180

Open megumin9 opened 6 months ago

megumin9 commented 6 months ago

Describe the bug

In file src/iuse.cpp, there are some std::find_if() functions on lines 2843, 2846, 2867, 2887 and 2907. I find that the ranges of those find statements are all from cnstr.begin() to cnstr.end(). It is possible for them to return cnstr.end() if no element matches the condition, and then the access to the result will be an out-of-bound access. Does a check need to be added here?

(https://github.com/CleverRaven/Cataclysm-DDA/blob/671a7083d463bc326bcef8355894aef6843900d8/src/iuse.cpp#L2843-L2850)

(https://github.com/CleverRaven/Cataclysm-DDA/blob/671a7083d463bc326bcef8355894aef6843900d8/src/iuse.cpp#L2867-L2871)

(https://github.com/CleverRaven/Cataclysm-DDA/blob/671a7083d463bc326bcef8355894aef6843900d8/src/iuse.cpp#L2887-L2891)

(https://github.com/CleverRaven/Cataclysm-DDA/blob/671a7083d463bc326bcef8355894aef6843900d8/src/iuse.cpp#L2907-L2911)

Attach save file

N/A

Steps to reproduce

N/A

Expected behavior

N/A

Screenshots

No response

Versions and configuration

The newest version 4c6b918.

Additional context

No response
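The pattern the report describes, next to a checked alternative, as an added example that is not part of the original issue or the project's code. The `entry` type, the `find_or_null` helper and the sample data are hypothetical, since the real element type of `cnstr` is not shown on this page.

```cpp
#include <algorithm>
#include <iostream>
#include <string>
#include <vector>

// Hypothetical element type (assumption; not taken from src/iuse.cpp).
struct entry {
    std::string id;
    int value;
};

// Unchecked pattern: when no element matches, std::find_if returns c.end(),
// and dereferencing it is undefined behaviour. Shown for contrast, never called.
int value_unchecked(const std::vector<entry> &c, const std::string &id) {
    auto it = std::find_if(c.begin(), c.end(),
                           [&](const entry &e) { return e.id == id; });
    return it->value;  // out-of-bounds read if it == c.end()
}

// Checked helper: the end() comparison happens once, before any dereference,
// and a miss is reported as nullptr so the caller has to handle it.
template <typename Container, typename Pred>
auto find_or_null(const Container &c, Pred pred) -> decltype(&*c.begin()) {
    const auto it = std::find_if(c.begin(), c.end(), pred);
    return it == c.end() ? nullptr : &*it;
}

// Call site using the checked helper; `fallback` is returned on a miss.
int value_checked(const std::vector<entry> &c, const std::string &id, int fallback) {
    const entry *hit = find_or_null(c, [&](const entry &e) { return e.id == id; });
    return hit != nullptr ? hit->value : fallback;
}

int main() {
    // Constructed sample data.
    const std::vector<entry> cnstr = { { "a", 1 }, { "b", 2 } };
    std::cout << value_checked(cnstr, "b", -1) << '\n';        // match
    std::cout << value_checked(cnstr, "missing", -1) << '\n';  // no match
    return 0;
}
```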

github-actions[bot] commented 5 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. Please do not bump or comment on this issue unless you are actively working on it. Stale issues, and stale issues that are closed, are still considered.