[LLVMbugs] [Bug 12741] New: Need a fixit for malloc(sizeof(T)*len+1)
bugzilla-daemon at llvm.org
bugzilla-daemon at llvm.org
Sat May 5 02:01:55 PDT 2012
http://llvm.org/bugs/show_bug.cgi?id=12741
Bug #: 12741
Summary: Need a fixit for malloc(sizeof(T)*len+1)
Product: clang
Version: trunk
Platform: PC
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P
Component: Static Analyzer
AssignedTo: kremenek at apple.com
ReportedBy: glider at google.com
CC: llvmbugs at cs.uiuc.edu
Classification: Unclassified
The following bug was recently detected by AddressSanitizer in Parrot:
https://github.com/parrot/parrot/commit/df12f34e946553
- wstrout = (wchar_t *) malloc(sizeof (wchar_t) * len + 1);
+ wstrout = (wchar_t *) malloc(sizeof (wchar_t) * (len + 1));
I think Clang should detect such bugs at compile time.
If the result of malloc() is being cast to T*, where sizeof(T) is greater than
1, it's obvious that the code author intended to allocate a multiple of
sizeof(T).
--
Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the llvm-bugs
mailing list