<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<div>Hello,</div>
<br>
<div>I was trying to test the 'alpha.security.ArrayBoundV2' checker with this simple code snippet;</div>
<br>
<div>  1 #include <stdio.h>                                                              
</div>
<div>  2 #include <stdlib.h>                                                             
</div>
<div>  3                                                                                 
</div>
<div>  4 int main(int argc, char** argv){                                                
</div>
<div>  5     int i;                                                                      
</div>
<div>  6     int *a = malloc(sizeof(int) * 10);                                          
</div>
<div>  7     if (!a) return -1;                             </div>
<div>  8     for (i = 0; i < 11; i++) {   //< supposed to find here                                                  
</div>
<div>  9         a[i] = i;                                                               
</div>
<div>10     }                                                                           
</div>
<div>11     free(a);                                                                    
</div>
<div>12     return 0;                                                                   
</div>
<div>13 }  </div>
<br>
<div>I ran the analyzer with enabling 'alpha.security.ArrayBoundV2' (scan-build -o . -enable-checker alpha.security.ArrayBoundV2 clang bo.c -O0 -g), but either it does not work or apparently it concluded there is no problem.</div>
<br>
<div>scan-build -o . -enable-checker alpha.security.ArrayBoundV2 clang bo.c -O0 -g</div>
<div>scan-build: Using '/home/gwangmu/opt/llvm/install/bin/clang-8' for static analysis</div>
<div>scan-build: Removing directory '/home/gwangmu/Scratch/vuln-tests/bo/2019-02-12-202738-6126-1' because it contains no reports.</div>
<div>scan-build: No bugs found.</div>
<br>
<div>I searched for material or articles where this checker was used, but they are quite rare and also no similar problem cannot be found. Was the command running the analyzer not configured well, or is there any CMake flag that I need to set before building
 the analyzer to use alpha checkers?</div>
<br>
<div>Best,</div>
<div>Gwangmu Lee.</div>
<br>
<br>
<div><signature id="initial">
<table cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="vertical-align:top"></td>
<td>
<div><b>Gwangmu Lee</b></div>
<div>Ph.D. Student</div>
<div style="font-size:0.9em;border-top:1px solid gray;min-width:250px;max-width:300px;margin-top:4px;padding-top:4px">
<div>
<div><span style="margin-right:8px">+82) 10 4114 7441</span></div>
<div>Room 615, Bldg 301, Seoul National University, Gwanak-ro 1, Gwanak-gu, Seoul, South Korea.</div>
<div><a href="https://link.getmailspring.com/link/1549970642.local-2edad806-9659-v1.5.6-4cb1851b@getmailspring.com/0?redirect=http%3A%2F%2Fcompsec.snu.ac.kr%2F~gwangmu&recipient=Y2ZlLWRldkBsaXN0cy5sbHZtLm9yZw%3D%3D">http://compsec.snu.ac.kr/~gwangmu</a></div>
<div></div>
</div>
</div>
</td>
</tr>
</tbody>
</table>
</signature></div>
<img class="mailspring-open" alt="Sent from Mailspring" width="0" height="0" style="border:0; width:0; height:0;" src="https://link.getmailspring.com/open/1549970642.local-2edad806-9659-v1.5.6-4cb1851b@getmailspring.com?recipient=Y2ZlLWRldkBsaXN0cy5sbHZtLm9yZw%3D%3D">
</body>
</html>