<table border="1" cellspacing="0" cellpadding="8">
    <tr>
        <th>Issue</th>
        <td>
            <a href=https://github.com/llvm/llvm-project/issues/58910>58910</a>
        </td>
    </tr>

    <tr>
        <th>Summary</th>
        <td>
            clang static analyzer - not detecting writing to a memory zone with insufficient space
        </td>
    </tr>

    <tr>
      <th>Labels</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Assignees</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Reporter</th>
      <td>
          undergraver
      </td>
    </tr>
</table>

<pre>
    I had the following in some legacy code and neither clang analyzer, cppcheck or coverity found this issue.

```
#include <sys/msg.h>

int main() {
  int msqid = 2;
  struct msqid_ds *buf;

   msgctl(msqid, IPC_STAT, (struct msqid_ds*)&buf);

  return 0;

}
```

The issue was quite difficult to track as the pointer variable was a static one and previously (on a 32 bit deployment) we didn't encounter any issues - possibly something went terribly wrong but we weren't able to see it. So we had a serious data segment pollution because of the fact that the variable was not sufficient to hold the data (a 64 bit pointer variable has 8 bytes while the structure has tens of bytes, maybe more).

```
#> scan-build gcc -Wall ~/msgctl_test.c
scan-build: Using '/usr/bin/clang-13.0.1' for static analysis
scan-build: Analysis run complete.
scan-build: Removing directory '/home/iulians/.adpmgr_ZhvjX/tmp/scan-build-2022-11-10-082850-16596-1' because it contains no reports.
scan-build: No bugs found.
#>
#> rpm -qf /usr/bin/scan-build
clang-tools-13.0.1-bp154.2.18.x86_64
#>

```

</pre>
<img width="1px" height="1px" alt="" src="http://email.email.llvm.org/o/eJyFVdtu4zYQ_Rr5ZSBBF1u2H_SQTTbAvhRFd4sWfQkoipa4pUiFF7var--hZGeTNEABQ7cZHp6Zc4ZuTTc3X2hgHflB0MkoZS5S9yQ1OTMKUqJnfCZuOkFMd6SFRKIlrhiymGZq_iFsUt4TnyY-CP43GUTNWVjpZwAGHaGlI-lcEFmSPyT53fVa59ff-lpWUnMVsFNS3bvZJeXj6PpsSKrPr5dJ7WlkUiflISmPlOw_rd-Jloh7lh0AHqhMqpeI8zbwa_Cpc5SUd204vSTc0pDQc6-AvGTGsr78ev_09dvdt_iM7--AgAMOSVlHNDy8B7TCB6spfxdI9g8ft2C5foMSS7fowhw9B-kFdfJ0kjwoT96Qtwx9RixqNhmUDUXOzErWqnURQ8XMS05Gr7pNVpylCU7NsQqjkVGV1EpPnZiUmUehfezmJW7Vobd7T0JzyBexmZ5XRo5SbOicbAEUDQJp4YMLVhMS7fL9Yg2-tcFHtIuwYoVbyIG9EyjPZ_TVxHi0HtjCLmBHHfPxpY90sJFSwUuQbQVnwQkyp9WmDBL4gfnl7U3h2nhyIfZKLpwMDUat5l6wUTyjertU_p_ODQA4UDt71HkZZKSLdavkwa5xL7SLPJasaIqRza2g0ViB_v2Pv-FkcpzptA0SrHrOKf2DKQUTf17dDvc9AdhnfF30Mzup7uh3F7uNbiI5OIzdYxvn4HGZxrSosjwrEMXY2ZsBlhF10n0Ed3eNkQ0aMztOSvjbiL7N_E2M5hz37qQV3Bs7X1kM8ABuMijJdJzYjHXT2Nunv4bz9z_x7scJ159oaZmXZVoUaZGn-aE87PK0qHfHOl2I34SGOtxojymPkmKMJmO9-5DaLwZW69161GSvW_2m7XYaKX0-0bvOvcJastdOemOUu_Yzbadit83KrDhk_xzqp3r7wR4f6b0RTVHXh7wuDvV-0zVVd6yObOOlV6JZz8_XGuEYxXBF_3ZQgftlrnCIxjtszGiEBuj7jzjSF5zCOO5eOd1NjItNsKoZvJ8cOoPq8OuRGdoM6uJFqfPtlk7WfMc2UbxlsvGwOxyLfDM0--1WbCtW16zcb9u6EG3Rdbhx1MLy03ajWCuUa5Ldp2T3sJFN1LQoijyvqyLfZ1Vb1MdjVZWs3ranoki2ucCJrbK4cWZsv7HNwiEKh6CSDuK-BBnOl14LccNnwQ_GNpBX2N4y_LVsFsrNwvdfeyMk6Q">