Versions Compared

...

Code Block
int main(void) {
  static volatile int **ipp;
  static volatile int *ip;
  static volatile int i = 0;;

  printf("i = %d.\n", i);

  ipp = &ip; // constraint violation
  *ipp = &i; // valid
  if (*ip != 0) { // valid
    /* i has changed */
  }
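Review bot: the "// constraint violation" comment on "ipp = &ip;" does not match the declarations shown here. With ipp declared as "static volatile int **" and ip as "static volatile int *", the qualifiers on both sides agree and the assignment is valid, so the comment should read "// valid" or be dropped. The declaration "static volatile int i = 0;;" also carries a stray second semicolon. The visible lines call printf without showing "#include <stdio.h>" and stop before the closing brace of main, so check that the full block still has both.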

Priority: P2 Level: L3

Integer truncation errors can lead to buffer overflows and the execution of arbitrary code by an attacker. Accessing a volatile object through a non-volatile reference results in undefined behavior.

Component         Value
Severity          1 (low)
Likelihood        1 (unlikely)
Remediation cost  2 (medium)
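Review bot: the risk statement above the table still contains the sentence about integer truncation errors leading to buffer overflows and arbitrary code execution, which does not describe the volatile-qualifier issue shown in the code block and does not fit a severity of 1 (low). Only the sentence "Accessing a volatile object through a non-volatile reference results in undefined behavior." should remain in the final text.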

...