[LLVMbugs] [Bug 11114] New: Clang buffer overflow checks fail to detect simple case.
bugzilla-daemon at llvm.org
Tue Oct 11 15:10:02 PDT 2011
http://llvm.org/bugs/show_bug.cgi?id=11114
Summary: Clang buffer overflow checks fail to detect simple case.
Product: clang
Version: trunk
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P
Component: Static Analyzer
AssignedTo: kremenek at apple.com
ReportedBy: william.metcalf at gmail.com
CC: llvmbugs at cs.uiuc.edu
Tested with the version of clang/scan-build in trunk. The static analyzer fails to
detect a simple buffer overflow in the program found here. I guess more of an FYI
than anything else.
http://www.debian-administration.org/articles/408

clang -v
clang version 3.0 (trunk 141707)
Target: x86_64-unknown-linux-gnu
Thread model: posix

scan-build gcc -o buggy buggy.c
scan-build: 'clang' executable not found in '/opt/clang/scan-build/bin'.
scan-build: Using 'clang' from path: /opt/clang/bin/clang
scan-build: Removing directory '/tmp/scan-build-2011-10-11-1' because it contains no reports.

clang --analyze -Xclang -analyzer-checker -Xclang security.experimental buggy.c
clang --analyze -Xclang -analyzer-checker -Xclang security.experimental.ArrayBound buggy.c
clang --analyze -Xclang -analyzer-checker -Xclang security.experimental.ArrayBound2 buggy.c