Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PVS-Studio: fixed potential vulnerabilities #1829

Merged
merged 1 commit into from Mar 9, 2017

Conversation

@skhrenov
Copy link
Contributor

commented Mar 9, 2017

V3041 The expression was implicitly cast from 'long' type to 'float' type. Consider utilizing an explicit type cast to avoid the loss of a fractional part. An example: double A = (double)(X) / Y;. Microsoft.Build CommunicationsUtilities.cs 615

V3118 Milliseconds component of TimeSpan is used, which does not represent full time interval. Possibly 'TotalMilliseconds' value was intended instead. MSBuild XMake.cs 629

V3095 The 'name' object was used before it was verified against null. Check lines: 229, 235. Microsoft.Build.Tasks GenerateBindingRedirects.cs 229
V3095 The 'publicKeyToken' object was used before it was verified against null. Check lines: 231, 235. Microsoft.Build.Tasks GenerateBindingRedirects.cs 231

V3095 = CWE-476 (NULL Pointer Dereference)

@skhrenov skhrenov changed the title PVS-Studio: fixed vulnerabilitys PVS-Studio: fixed vulnerabilities Mar 9, 2017
@@ -626,7 +626,7 @@ string commandLine

if (!String.IsNullOrEmpty(timerOutputFilename))
{
AppendOutputFile(timerOutputFilename, elapsedTime.Milliseconds);
AppendOutputFile(timerOutputFilename, (long)elapsedTime.TotalMilliseconds);

This comment has been minimized.

Copy link
@AndyGerlicher

AndyGerlicher Mar 9, 2017

Member

This is frustratingly easy to do and such a very different result... That's great that it caught this!

Copy link
Member

left a comment

Looks great, thanks for taking the time to make the fixes!

@AndyGerlicher

This comment has been minimized.

Copy link
Member

commented Mar 9, 2017

@dotnet-bot test Windows_NT Build for Desktop please

@rainersigwald rainersigwald merged commit 9dee350 into microsoft:xplat Mar 9, 2017
5 checks passed
5 checks passed
OSX Build for CoreCLR Build finished.
Details
Ubuntu14.04 Build for CoreCLR Build finished.
Details
Ubuntu16.04 Build for CoreCLR Build finished.
Details
Windows_NT Build for CoreCLR Build finished.
Details
Windows_NT Build for Desktop Build finished.
Details
@rainersigwald

This comment has been minimized.

Copy link
Contributor

commented Mar 9, 2017

Thanks!

@skhrenov skhrenov changed the title PVS-Studio: fixed vulnerabilities PVS-Studio: fixed potential vulnerabilities Mar 22, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.