ritwik12 / Virtual-Assistant

A linux based Virtual assistant on Artificial Intelligence in C
GNU General Public License v3.0
125 stars 96 forks

Some code safety insights #135

Open B1Z0N opened 1 year ago

B1Z0N commented 1 year ago

Thanks for your contribution to open source! There are some code safety improvements possible, for example:

  1. scanf return value not taken into account. Possibly here (for example) and in other places.
  2. Unfreed memory and uninitialized memory access. Possibly here (for example) and in other places. Please check the valgrind tool to mitigate this kind of safety flaw.
  3. Excessive use of system calls without user input validation. Possibly here (for example) and in other places. Please see how it may be abused here.

ritwik12 commented 1 year ago

@B1Z0N Thanks for pointing those out. Feel free to open up a PR for the same. Would be happy to have it.
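
Points 1 and 3 of the issue, as an added example that is not part of the thread or the repository's code: a scanf-family call whose return value is checked, an allow-list check for user text, and a command launcher that bypasses the shell. The names `parse_choice`, `is_safe_argument` and `run_argv`, the 128-byte limit and the allowed character set are assumptions made for illustration.

```c
/* Added example, not code from the Virtual-Assistant repository.
 * Function names, limits and the allowed character set are assumptions. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Point 1: scanf/sscanf return the number of converted fields; check it.
 * Returns 1 and stores the value only if the line is exactly one integer. */
int parse_choice(const char *line, int *out) {
    int value;
    char extra;
    if (sscanf(line, "%d %c", &value, &extra) != 1)
        return 0;               /* 0 or EOF: no number; 2: trailing garbage */
    *out = value;               /* *out is written only on success */
    return 1;
}

/* Point 3: allow-list check for text that will become a command argument. */
int is_safe_argument(const char *s) {
    size_t len = strlen(s);
    if (len == 0 || len > 128 || s[0] == '-')
        return 0;               /* empty, oversized, or option-like */
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)s[i];
        if (!isalnum(c) && c != ' ' && c != '.' && c != '_' && c != '-')
            return 0;           /* rejects ; | & $ ` quotes, newlines, ... */
    }
    return 1;
}

/* Point 3: run a program from an argv array instead of system(), so no
 * shell ever parses the user's text. Returns the exit status or -1. */
int run_argv(char *const argv[]) {
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execvp(argv[0], argv);
        _exit(127);             /* reached only if exec failed */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}
```

Because `parse_choice` leaves `*out` untouched on failure, a caller that checks the return value never reads an uninitialized integer, which also covers part of point 2.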