[PATCH] [static analyzer] Emit buffer overflow warning in strcpy function when uninitialized source array of known length (> dest length) is used
mayur.p at samsung.com
Tue Nov 4 03:08:13 PST 2014
Sorry for not updating the patch last time. I was waiting for your comments before updating it. Updated the patch now.
And for this case:
char x = "abc";
I had mentioned that this does not seem to be a buffer overflow, as when I checked the same with clang, strcpy is inserting a null terminator after copying the contents of the source array.
$ cat strcpy.c
int main ()
char x; // non-null terminated array
x = 'a';
x = 'b';
x = 'c';
char y ;
$ clang strcpy.c
In this example it is seen that clang is inserting a null terminator and hence, even while copying a non-null-terminated string to another array, a buffer overflow is not caused.
Please provide comments on whether this analysis is correct or not.
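
Added example, not part of the original message or the attached patch: a runtime model of the two cases under discussion, a source string longer than the destination and a source array with no terminator inside its bounds. The helper names `classify_strcpy` and `checked_copy` are hypothetical, and the array sizes are constructed because the listing in the mail does not show them. `strcpy` copies up to the first NUL byte it reads, so the classification turns on whether one lies inside the source array.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Outcome of modelling strcpy(dst, src) from the declared array sizes. */
enum copy_verdict {
    COPY_FITS,          /* NUL found in src and string + NUL fits in dst */
    COPY_OVERFLOWS_DST, /* NUL found in src but string + NUL exceeds dst */
    COPY_UNTERMINATED   /* no NUL inside src: strcpy would read past src */
};

/* Hypothetical helper: src_cap and dst_cap are the sizeof() of each array. */
enum copy_verdict classify_strcpy(const char *src, size_t src_cap, size_t dst_cap)
{
    /* Search only inside the source array; never read beyond its bounds. */
    const char *nul = memchr(src, '\0', src_cap);
    if (nul == NULL)
        return COPY_UNTERMINATED;
    size_t needed = (size_t)(nul - src) + 1;   /* characters plus the NUL */
    return needed <= dst_cap ? COPY_FITS : COPY_OVERFLOWS_DST;
}

/* Hypothetical bounded copy: refuses instead of overflowing; 0 on success. */
int checked_copy(char *dst, size_t dst_cap, const char *src, size_t src_cap)
{
    if (classify_strcpy(src, src_cap, dst_cap) != COPY_FITS)
        return -1;
    memcpy(dst, src, strlen(src) + 1);         /* safe: NUL is within src_cap */
    return 0;
}

int main(void)
{
    /* Constructed sample arrays; sizes are assumptions for illustration. */
    char x[3] = { 'a', 'b', 'c' };             /* no terminator in bounds */
    char t[8] = "abc";                         /* terminated, needs 4 bytes */
    char small[2], exact[4];

    printf("x -> exact: %d\n", classify_strcpy(x, sizeof x, sizeof exact));
    printf("t -> small: %d\n", classify_strcpy(t, sizeof t, sizeof small));
    printf("t -> exact: %d\n", classify_strcpy(t, sizeof t, sizeof exact));
    if (checked_copy(exact, sizeof exact, t, sizeof t) == 0)
        printf("copied: %s\n", exact);
    return 0;
}
```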